In a significant move to bolster the security of India’s GST compliance mechanisms, the National Informatics Centre (NIC) has introduced mandatory two-factor authentication (2FA) for taxpayers accessing the E-Way Bill and E-Invoice systems. Effective from November 20, 2023, this measure applies to all taxpayers with an Annual Aggregate Turnover (AATO) of Rs 20 crore or more. The introduction of 2FA is a response to the growing need for enhanced security in digital financial systems, providing an additional layer of protection against unauthorized access.
Understanding 2-Factor Authentication (2FA)
2FA is a security process that requires two different types of identification for access. In addition to the standard username and password, users must also authenticate via a One-Time Password (OTP). This approach significantly reduces the risk of unauthorized access by combining something known (password) with something dynamically created (OTP).
Methods of Receiving OTP
There are three ways for taxpayers to receive OTPs for 2FA:
- SMS: OTPs are sent to the user’s registered mobile number.
- Sandes App: This government-provided messaging app allows secure communication. Users can receive OTPs directly through the app after downloading and installing it on their registered mobile number.
- NIC-GST-Shield App: Exclusively designed for generating OTPs for the e-Way Bill and E-Invoice systems, this app can be downloaded from the respective portals. It generates OTPs which refresh every 30 seconds and does not require an internet connection or mobile network for generation.
Registration Process for 2FA
To enable 2FA, users need to log in to the e-Way Bill or E-Invoice system, navigate to the ‘2 Factor Authentication’ section under the main menu, and confirm their registration. Once registered, the system will prompt the user to enter the OTP along with their username and password during login. It is important to note that the OTP authentication is linked to individual user accounts, and sub-users associated with a GSTIN will have separate authentication.
Benefits of 2FA
The implementation of 2FA for accessing the E-Way Bill and E-Invoice systems represents a significant step forward in securing sensitive financial transactions and data. By requiring a second form of authentication, the risk of unauthorized access is greatly reduced, thereby enhancing the overall integrity and security of the GST compliance framework.
Conclusion
The mandatory implementation of 2FA for E-Way Bills and E-Invoices is a clear indication of the government’s commitment to enhancing the security and efficiency of the GST system. Taxpayers with significant turnover must adhere to this new requirement to ensure compliance and safeguard their financial transactions within the GST framework.