Conman or Genius: Arrest of IIT Kharagpur Student Who Made Faster Rail Ticket Booking APP Than IRCTC Sparks Debate

New Delhi: An IIT Kharagpur postgraduate who allegedly made two railway ticketing apps which were faster than IRCTC is now behind the bars but netizens are hailing him as a tech-genius.

Tirupur native S Yuvarajaa was arrested for creating two android apps- ‘Super Tatkal’ and ‘Super Tatkal Pro’, which enabled users to book Tatkal rail ticket faster than the official app of IRCTC. Officials said his app was dubious and bypassed security features installed by the railways and in return took payment from his customers in digital coins.

According to the sources, the apps enabled users to book Tatkal tickets bypassing security checks on the IRCTC portal. His mobile applications were unauthorized and had features to bypasses Completely Automated Public Turing Test (CAPTCHA), a security measure that users must fill in while logging in to IRCTC. As per reports the apps also bypassed other security measures installed by the IRCTC.

For making the payment a user had to purchase a Rs 20 coins pack (each containing 10 coins). For every booking transaction, five coins would be deducted from users’ coins balance. The payment for both apps was through Instamojo gateway that credited money to Yuvarajaa’s bank account.

Yuvarajaa, a graduate from Anna University, created the apps in 2016 when he found a slow IRCTC website made it difficult for people to book confirmed tickets.  The apps became so popular that they garnered around one lakh end-users in a short time.

Many netizens have come forward in Yuvrajaa’s defence. One of his batchmate said that the application did not auto-fill CAPTCHA and the payment was done directly to railways.

A classmate of mine in college has been arrested by police for creating an app that auto-filled ticket booking webpages of @RailMinIndia . It didn't even auto-fill captchas and obviously payment happened to railways directly and yet he is being 1/

— Akilan (@akilan27) October 25, 2020

“Yuvarajaa is being falsely accused of creating fake applications and swindling money. A bright engineer and entrepreneur’s life is being spoiled through the arrest,” his batch mate twitted.

I hope that S Yuvarajaa is noticed by an IT magnate and given the chance to grow his skills profitably. I'd encourage him to emigrate.

— Ash Nallawalla (@ashnallawalla) October 26, 2020

Guy solves a huge problem by building a faster way to book rail tickets, gets arrested.
If Indian govt agencies thought like startups and actually cared a little about their customers, @IRCTCofficial would have hired S Yuvarajaa. What a shame!https://t.co/4ETSSly8eS

— Amogh Vaishampayan (@amogh42) October 27, 2020

However, railway officials clarified Yuvrajaa bypassed the railway system and made money illegally which is a crime. He wasn’t event an authorized agent registered with IRCTC to book tickets. RPF has registered a case under section 143 (2) of the Railways Act (penalty for unauthorised carrying on of the business of procuring and supplying of railway tickets).

Developing an unauthorised software bypassing e-ticketing system is an offence. Such applications defeated the purpose of having a first-come-first-serve system and benefit only a few who use the software. The Cyber Cell of Railway Protection Force (RPF) in Chennai tracked him down using server source code, application source code, end-users list and his bank statements. Both the apps have been removed from the play store.

However, such software is available in the market for long but IRCTC has failed to patch the issue. Such paid software is available on the Internet wherein agents only need to fill in passengers’ and train details along with the mode of payment, while the rest of the booking takes place automatically. The advanced software even bypasses security features like OTP from net banking and CAPTCHA fields that are added to a website to check if a user is human or an automated programme.

Indian Railways isn’t losing any revenue due to such software as the booking amount goes to its account. But such activities promote an unfair practice as regular customers are cheated of their privileges by agents who have access to malicious programmes.