NIC Adds High-Level Security While Login to E-Way Bill & e-Invoice System

In a recent update issued by the National Informatics Centre (NIC), it has been announced that all taxpayers with an Annual Aggregate Turnover (AATO) exceeding 100 Cr will be required to implement two-factor authentication effective from July 15, 2023. This measure is aimed at enhancing the security of the e-Way Bill and GST e-Invoice system.

To ensure a higher level of security, users will now be prompted to provide an additional One-Time Password (OTP) during the login process, in addition to their username and password. The NIC has outlined three methods through which the OTP can be received:

• SMS: Users will receive an SMS containing the OTP on their registered mobile number.
• “Sandes” App: The government has introduced the Sandes messaging software, which allows users to send and receive messages securely. By downloading and installing the Sandes app on their registered mobile number, users can receive the OTP through the app.
• “NIC-GST-Shield” App: The e-Way Bill/e-Invoice portal offers the “NIC-GST-Shield” mobile app, accessible through the “Main Menu 2-Factor Authentication” link. Users can download and install this app on their registered mobile number. It is important to ensure that the time settings on the app and the GST e-way bill or e-invoice system are synchronised. Upon opening the app, users will be presented with the OTP for authentication, which is updated every 30 seconds. Notably, the generation of OTP through this app does not require an internet connection or dependence on a mobile network.

How to Register for Two-Factor Authentication?

To register for the two-factor authentication, users need to follow these steps: After logging into the GST E-Waybill system, navigate to the Main Menu, select “Two-Factor Authentication,” and confirm the registration. Subsequently, upon confirmation, the system will prompt users to enter the OTP along with their login credentials. OTP authentication is linked to user accounts, and the registration process varies based on the registered mobile number for each sub-user of the GSTIN in the e-Way Bill/e-Invoice system. Once registered, the same authentication process applies to both the e-Way Bill/e-invoice systems.

The introduction of two-factor authentication reflects the commitment of the NIC to bolster the security of taxpayer data and transactions. By implementing this enhanced login process, the NIC aims to provide an additional layer of protection and ensure the integrity of the e-Way Bill/e-Invoice system.