Two-factor authentication (2FA) under GST

author
CA. Poonam Gandhi
Apr 22, 2024
Two-factor authentication (2FA) under GST

Currently, two-factor authentication i.e. 2FA is creating a lot of buzz among taxpayers under the Goods and Services Tax (GST). Two-factor authentication is nothing but a two-step verification process. Basically, it is an additional security measure which added to strengthen the login security.

Undoubtedly, two-factor authentication aims to improve the security measures under GST. But, the same puts up an additional burden on the user.

Vide the present article, let us understand the different implementation stages and process of two-factor authentication under GST.

Different implementation stages of two-factor authentication under GST –

With a view to streamline the implementation process and also to enable sufficient time to the taxpayer to adopt additional security features, the government has introduced two-factor authentication in different stages.

Notably, two-factor authentication was first introduced for e-invoice/ e-way bills. Thereafter, it is rolled out even for the GST portal.

Two-factor authentication in case of e-invoice/ e-way bill is implemented based on the Aggregate Annual Turnover of the taxpayer. Whereas, there will be the state-wise implementation of two-factor authentication in the case of GST portal.

Let us learn more about different stages of implementation under both e-invoice/ e-way bill and GST portal –

Two-factor authentication for e-invoice and e-way bill

  • • The facility was enabled with effect from 12th April 2022, however, it was not mandatory;
  • • Two-factor authentication for the taxpayers with Aggregate Annual Turnover (i.e. AATO) above INR 100 Crores is made mandatory only with effect from 20th August 2023, and
  • • Whereas, two-factor authentication for the taxpayers with AATO above INR 20 Crores is made mandatory with effect from 20th November 2023.

Two-factor authentication for GST portal –

  • • The facility was enabled with effect from 1st December 2023
  • • The pilot launch of two-factor authentication for the GST portal has already been rolled out for the state of Haryana
  • • In the 1st phase, two-factor authentication for the GST portal will be rolled out for the following states –

    • o. Punjab

    • o. Chandigarh

    • o. Uttarakhand

    • o. Rajasthan; and

    • o. Delhi
  • • Post successful implementation of 1st phase, it will be rolled out for all the states across India.

Two-factor authentication and process thereof –

In nut-shell, post implementation of two-factor authentication, the taxpayer will have to enter a One-time password (OTP). Relevant steps where one-time password is to be entered and modes of receiving the said one-time password is explained hereunder –

Two-factor authentication for e-invoice and e-way bill –

  • • Visit the e-invoice/ e-way bill portal;
  • • Enter appropriate login credentials i.e. username and password;
  • • Enter One-time password (OTP) [Here, two-factor authentication comes into play and this is the additional authentication step added].

OTP to be entered in the above step can be generated via any of the following modes –

  • o.  SMS –

    Here, OTP will be sent to the registered mobile number via SMS;

  • o.  Sandes’ app –

    ‘Sandes’ is a messaging app. It is provided by the Government. Taxpayers can send and receive messages through this app. In order to receive OTP, the taxpayer needs to download the ‘Sandes’ app on the registered mobile number and receive OTP in it;

  • o.  NIC-GST-Shield app –

    ‘NIC-GST-Shield’ is a mobile app. The app is provided by an e-invoice/ e-way bill system.

    To receive OTP, the taxpayer needs to download the ‘NIC-GST-Shield’ app from the e-invoice or e-way bill portal. Importantly, an internet connection is not required for generating OTP on this app.

Two-factor authentication for GST portal –

  • • Visit the GST portal i.e. www.gst.gov.in;
  • • Enter appropriate login credentials i.e. username and password;
  • • Enter One-time password (OTP) [Here, two-factor authentication comes into play and this is the additional authentication step added].

Notably, OTP to be entered in the above step will be provided/ sent to the Mobile Number and e-mail ID of the primary authorized signatory. Importantly, OTP will be asked only in the following circumstances –

  • • In case the taxpayer changes the system i.e. browser or desktop or laptop; and
  • • In case the taxpayer changes the location.

Synopsis of two-factor authentication –

Two-factor authentication system under GST is simplified via the following table –

Company Contact
Implemented for Stage of implementation Two-factor authentication is implemented for –
  • o.  E-invoice / e-way bill; and
  • o.  GST portal.
E-invoice/ e-way bill –
  • o.  Two-factor authentication is mandatory from 21st August 2023 for taxpayers having AATO above INR 100 crore and from 20th November 2023 for taxpayers having AATO above INR 20 crore;
  • o.  Two-factor authentication is optional for the rest of the taxpayers.
GST portal –
  • o.  Pilot launched in the State of Haryana;
  • o.  1st phase will be rolled out for the States of Punjab; Chandigarh; Uttarakhand; Rajasthan and Delhi; and
  • o.  2nd phase will be rolled out for all the states across India.
  • o.  Importantly, two-factor authentication is yet not mandatory for the GST portal.
Modes for two-factor authentication OTP under e-invoice/ e-way bill can be received via –
  • o.  SMS;
  • o.  Sandes app;
  • o.  NIC-GST-Shield app.

OTP under the GST portal will be delivered to the mobile number and e-mail ID of the primary authorized signatory.

 
 
Start My Free Trial