In the wake of the online ticketing scam, the A.P. State Road Transport Corporation amended its systems and user protocol.
Henceforth, user names and passwords given to corporation personnel, including Depot Clerks-Earning and Authorised Ticket Booking (ATB) agents will be machine-specific, without remote access.
They will work only when the user names are typed on the authorised desktops, said Executive Director-IT, Jaya Rao.
Earlier, people connected with the online ticketing system could access it from several computers.
He admitted that they did not visualise a situation where outsiders could access the RTC’s Online Passenger Reservation System (OPRS) and enable unauthorised topping of credit balance on ATB accounts.
APSRTC MD A.K. Khan held a meeting with senior officials and reviewed the firewalls and safeguards built in to the OPRS, following which he authorised de-activation of remote access.
The meeting also discussed removal of the system of using OTPs (One-Time Passwords) by authorised personnel at booking counters every day when they logged on. Following complaints from personnel about abnormal delays in receiving messages with OTPs on their mobiles, the corporation had asked software provider ‘abhibus.com’ to deactivate the OTP protocol, February 20.
Manhunt launched for suspects
Meanwhile, Central Crime Station Inspector M. Ravinder Reddy said they were hot on the trail of culprits.
At least three persons are suspected to have accessed the OPRS to top up the ATB account, book high-value tickets and then cancelled them to get cash from different counters of the corporation across the twin cities and Ranga Reddy district, Vijayawada and Vizianagaram.
‘Not known offenders’
That the culprits were not ‘known offenders’ is making the job of the police difficult. “They appear to be smart and have switched off their mobile phones, communicating between themselves using other SIM cards on different handsets to avoid detection,” said an officer.