2-Factor Authentication in E-Waybill System & GST e-Invoice
2-Factor Authentication E-Way Bill Mandatory: What You Need to Know
What is 2-Factor Authentication in E-Waybill System & GST e-Invoice?
Two-factor authentication (2FA), also known as two-step verification or dual-factor authentication, is a security technique that requires users to provide two separate forms of identification to validate their identity.
2FA improves security by protecting users’ credentials and the resources they access. Once registered, this approach can be applied to both the e-Invoice and e-Way bill systems.
NIC's Mandate on Two-factor Authentication
The National Informatics Centre (NIC) introduced two-factor Authentication (2FA) on its portals, which include e-invoicing (NIC1 and NIC2) and e-way bill websites for certain taxpayers. Here’s a structured implementation plan:
| Date of Implementation | AATO Threshold | MFA Status |
| 20th August 2023 | More than ₹100 Crores | Mandatory |
| 11th September 2023 | ₹20 Crores to ₹100 Crores | Optional (Encouraged for early adoption) |
| 1st January 2025 | ₹5 Crores to ₹20 Crores | Mandatory |
| 1st February 2025 | ₹5 Crores to ₹20 Crores | Mandatory |
| 1st April 2025 | All taxpayers (irrespective of turnover) | Mandatory |
This step aims to improve security and make portal access easier for all users.
Modes of Generating OTP for Login to E-Waybill System & GST e-Invoice
Here are three easy ways to get a one-time password (OTP) for two-factor authentication:
- SMS:
The OTP is sent directly to your registered mobile phone number via SMS. - Sandes App:
The Sandes app, the Indian government’s official messaging app, allows you to receive OTPs. Download the app, register with your mobile number, and securely access OTPs from within the app. - NIC GST Shield App:The NIC GST Shield app is available through the e-Invoice/e-Way Bill system. Follow these steps to use it:
- Download, install, and register the app using your registered mobile phone number.
- Ensure that the app’s time is synchronized with the e-Invoice/e-Way Bill system.
- To view your OTP, open the app; it will refresh every 30 seconds.
- The application produces OTPs offline, thus no internet connection is required.
These methods provide both flexibility and security for your authentication needs.
Steps for 2-Factor Authentication Registration
- Log in to the e-Invoice System and select the Main Menu.
- Select Two-Factor Authentication and then confirm your registration.
- After confirmation, log in with your username, password, and a one-time password (OTP).
Currently, this feature is optional, but it will soon become mandatory.
Drawbacks of 2FA Implementation
If the invoicing team is unable to reach the registered phone number instantly. In this situation, the preparation of e-invoices or e-way bills may be delayed, resulting in business disruption.
Conclusion
Two-factor authentication (2FA) is a simple yet effective method for improving security in e-way bill and e-invoice systems. Enabling 2FA improves protection and assures stronger compliance, making it an excellent choice for users of these services.
We have completed this post. Please leave your questions in the comments section below.
FAQs
1.Which individuals need to comply with the 2-Factor Authentication (2FA) requirement of the e-Waybill/e-Invoice System?
Ans: Taxpayers having an Annual Aggregate Turnover (AATO) of more than Rs 100 crore must comply with the e-Waybill/e-Invoice System’s obligatory 2-factor Authentication (2FA) requirement. This requirement is effective as of August 20, 2023. AATO up to Rs 100 crore does not yet cover small taxpayers.
2.Is 2 factor authentication necessary for GST?
Ans: No, 2-factor authentication is not necessary for GST site logins. It is now mandatory to log into the e-way bill and e-invoicing websites.
3.What is multi-factor authentication (MFA)?
Ans: Multi-factor authentication refers to a secure login to the e-invoice and e-way bill portals for generating e-invoices and e-way bills using a username, password, and one-time password (OTP).
