As per the update given on the e-Way Bill portal dated 12th June 2023, NIC has introduced the 2 Factor Authentication for logging onto e-Way Bill and e-Invoice System to ensure a better security system. This would be mandatory from 15th July 2023 for the taxpayers having annual aggregate turnover of more than rupees 100crore.
To know more, read in detail about this instruction below:
1. What is 2FA?
2FA means 2 factor authentication or dual verification introduced by the National Informatics Centre (NIC) for logging into the e-way Bill / e- Invoice system. Here the OTP authentication is based on individual user accounts. The sub users of GSTIN will have separate authentication depending on their registered mobile number in the e-Way Bill/ e- Invoice System.
2. Need for 2FA.
This has been introduced to enhance the security system of e- Way Bill and e-Invoice system. It will provide double layer protection on user’s accounts. Presently, usernames and passwords are used to login on these portals but now in addition to it OTP will also be used for authentication.
3. How to register for 2FA?
3.1. Log in to e-Way bill system as usual.
3.2. Click on the Main Menu.
3.3. Click on “2 Factor Authentication” tab, having 3 options as follows:
i. Registration
ii. Install Sandes
iii. Install NIC-GST-Shield
This window will appear after logging into the e-Way bill portal
3.4. Click on the registration tab.
3.5. After clicking a dialogue box will appear as shown above, here you have to confirm the registration by clicking on yes.
3.6. Once confirmed the system will ask to enter OTP and then a popup notification will appear stating that you have been registered successfully.
4. Ways of receiving the OTP
There are three different ways of receiving OTP. A person can use any of the OTP and login to the system. These are mentioned as below:
4.1 SMS: In this method, OTP will be sent to the registered mobile number as SMS of the user.
4.2 SANDES APP: Sandes is a messaging app provided by the government so that user can send and receive messages. Download and install the Sandes app on the registered mobile number and receive the OTP in it.
4.3 NIC-GST-SHIELD APP: NIC-GST-Shield is a mobile app provided by e-Way Bill /e-Invoice System, so that OTP can be generated by using the app. This app can be downloaded only from the e-Waybill / e-Invoice portal from the link given in the Main Menu and then clicking on 2-Factor Authentication.
Instructions for Installing and using NIC-GST-Shield mobile app.
Step 1: Download NIC-GST-Shield app from the portal using the option “2 Factor authentication -> NIC-GST Shield”. Ensure the date and time on the mobile is in sync with e-Waybill / e-Invoice system.
Step 2: Open NIC-GST-Shield app on your mobile, authenticate by entering username/ password and OTP.
Step 3: Now Scan the QR Code shown in e-Way Bill/e-Invoice portal using NIC-GST-Shield.
Step 4: Now, enter this OTP in the box and submit.
Step 5: On successful verification of OTP, the app is successfully registered.
Step 6: Now open the app and enter the OTP displayed to login to e-Waybill and e-Invoice system.
5. Applicability of 2FA
The 2FA is going to be mandatory from 15th July 2023 for the taxpayers with annual aggregate turnover exceeding rupees 100 Crore.
6. Paksh Remarks
6.1 Two-factor authentication (2FA) adds another layer of security to the entire authentication process. Even if the password is misplaced or hacked, the password alone won’t be enough to login.
6.2 It’s a great initiative to add more security to the system.
6.3 Questions might arise that how to generate the E-Way bill and E-Invoice OTP. So it will be sent to registered mobile used for filing the GST returns. But this is not the case, OTP of registered mobile number will be required single time to register on “SANDES APP” or “NIC-GST-SHIELD APP”. Afterwards OTP will be received on these apps installed in any mobile.