In a recent update dated June 12, 2023, the e-Way Bill/e-Invoice System has introduced a significant security enhancement called 2-Factor Authentication (2FA). This measure is aimed at ensuring the safety and integrity of the system. Starting from July 15, 2023, all taxpayers with an Annual Aggregate Turnover (AATO) above Rs 100 crore will be required to mandatorily use 2FA when accessing the e-Way Bill/e-Invoice System.
| 2FA Login further Deferred up to 20th August, 2023 for Taxpayers with AATO above 100 cr |
What is 2-Factor Authentication?
2-Factor Authentication (2FA) adds an extra layer of security to the login process of the e-Way Bill/e-Invoice System. In addition to the regular username and password, users will now need to authenticate themselves using a One-Time Password (OTP) to access the system.
Various Modes of Generating OTP
There are three different methods for generating the OTP, and users may choose any of these options to receive the authentication code:
1. SMS
When logging in, an OTP will be sent to the user’s registered mobile number via SMS. This method ensures that the authentication code is conveniently delivered to the user’s mobile device.
2. Sandes App
Sandes is a government-provided messaging app that facilitates secure communication. Users can download and install the Sandes app on their registered mobile number to receive the OTP directly on the application.
3. NIC-GST-Shield App
The NIC-GST-Shield app is a mobile application specifically designed for the e-Way Bill/e-Invoice System. Users can generate the OTP by downloading and installing the app from the e-Way Bill/e-Invoice portal. To access the app, navigate to the ‘Main Menu 2-Factor Authentication’ section and click on the ‘Install NIC-GST-Shield’ link. It is crucial to ensure that the time displayed in the app is synchronized with the e-Way Bill/e-Invoice system. Once the app is opened, an OTP will be displayed, which can be used for authentication. Notably, the OTP refreshes every 30 seconds. The app does not require an internet connection or mobile network dependency for generating the OTP.
Registration for 2-Factor Authentication
To register for 2-Factor Authentication for accessing the e-Way Bill/e-Invoice System, follow these steps:
i) Log in to the e-Way Bill System;
ii) Go to the ‘Main Menu’ and select ‘2 Factor Authentication’; and
iii) Confirm the registration process.
Once the registration is complete, the system will prompt for the OTP along with the username and password during login. It’s important to note that OTP authentication is linked to individual user accounts. Sub-users of GSTIN will have separate authentication based on their registered mobile number in the e-Way Bill/e-Invoice System. Once registered for 2-Factor Authentication, it will apply to both the e-Way Bill and e-Invoice systems.
Conclusion
With the implementation of 2-Factor Authentication (2FA) in the e-Way Bill/e-Invoice System, taxpayers can enjoy enhanced security measures. By incorporating an additional layer of authentication through the use of a One-Time Password (OTP), this update ensures that only authorized individuals can access the system. It is important for taxpayers with an AATO above Rs 100 crore to comply with this mandatory requirement, which comes into effect from July 15, 2023. By choosing their preferred mode of generating the OTP, users can ensure a secure and seamless login experience. The introduction of 2FA reflects the commitment to safeguarding sensitive information and maintaining the integrity of the e-Way Bill/e-Invoice System.
https://docs.ewaybillgst.gov.in/Documents/2FA_help1.pdf
Related Posts:
2FA Mandatory for E-waybill/E-invoice login (AATO over Rs 20 Cr)
Mandatory 2FA Login at E-waybill/E-invoice Systems Deferred for Taxpayers with AATO above Rs 100 cr
Updates in e-Waybill System about Enrollment and 2FA
Recommended Posts:
2-Factor Authentication in GST for e-Invoice/e-Waybill: Modes, Steps, FAQs
Do we need SMS on registered mobile everytime when we login for e-invoicing or it is one time only?
Taxpayers with multiple GST registrations are finding it challenging to comply with the 2-Factor authentication process. This is especially true for taxpayers in the e-commerce sector, where a large number of invoices and e-way bills are generated daily. Sometimes, taxpayers receive One-Time Passwords (OTPs) for two different GSTINs simultaneously. The OTPs they receive on their registered mobile numbers do not indicate which state or GSTIN they are associated with. This makes it difficult for taxpayers with registrations in multiple states to determine which OTP belongs to which GSTIN.
To address this issue, NASSCOM has submitted a request to GSTN and concerned officials to include an identifier along with the OTP, which will help taxpayers identify the GSTIN to which the OTP belongs. Additionally, NASSOCM has suggested for consultations with the industry for their feedback to ensure the smooth implementation of the 2-factor authentication process with minimal disruption to businesses.