• Notification Date: 22-06-2023
• Notification No: N/A

2-Factor Authentication Compulsory for Taxpayers AATO above 100 crores from 15 July 2023

The National Informatics Centre has updated that the Two factor Authentication is mandatory for all taxpayers who have Annual Aggregate Turnover (AATO) above 100 crores from 15th July 2023. The National Informatics Centre is implementing two-factor authentication for logging into the e-Way Bill/e-Invoice system to increase the security of the system. One Time Password (OTP) will be used in addition to the username and password for login authentication. 

Three methods exist for getting the OTP. You can log in to the system by entering any OTP. The different ways to generate OTP are described below:  

1. SMS: OTP will be sent to your registered mobile number as SMS.  

2. On ‘Sandes’ app: The government has made a texting software called Sandes available for sending and receiving messages. On your registered cell phone number, you can download and install the Sandes app and get the OTP there.  

3. Using ‘NIC-GST-Shield’ app: ‘The e-Way Bill / e-Invoice System offers the mobile app “NIC-GST-Shield” so that OTP can be created using the app.  This app can be downloaded only from the e-Waybill / e-Invoice portal from the link ‘Main Menu2-Factor Authentication. Install NIC-GST-Shield’. 

Install this app on your registered mobile number.  You must make sure that the time on the app matches the time on the e-Waybill/e-Invoice system. 

OTP is shown when the app is opened. You can continue the authentication by entering this OTP. Every 30 seconds, the OTP is refreshed. This programme generates the OTP without the need for an internet connection or any reliance on a mobile network.  

Registration for 2-Factor Authentication 

Go to the Main Menu 2 Factor Authentication after logging into the e-Waybill System and confirm the registration. The system will request OTP along with login and password after confirmation. User accounts provide the basis of the OTP authentication. 

The registered phone number for each sub-user of the Goods and Service Tax Identification Number (GSTIN) will be used for independent authentication in the e-Way Bill/e-Invoice System. Both the e-Way bill and e-Invoice systems require 2 Factor authentication once you have registered for them. The total amount of sales generated by a company over a certain accounting period, usually one year, is referred to as AATO. It stands for the total revenue from sales of products and services, excluding taxes and discounts. 

According to the NIC, the two-factor authentication is mandatory for all GST taxpayers who have an AATO of 100 crores. This implementation came into effect from 15th July as an improvement for the security system.