2-Factor Authentication in e-Invoice System/e-Way Bill made mandatory

By -

The National Informatics Centre (NIC) has recently enabled 2-Factor authentication for e-waybill and e-invoice system to further enhance the security of the systems. 


2 Factor Authentication will be made mandatory from 15th July 2023 for all the taxpayers with (Aggregate Annual Turnover) AATO above 100 Crore.

This 2-Factor authentication is required in addition to the username and password for logging in to the system.

With the 2-Factor authentication, a One Time Password (OTP) is generated and sent to the mobile number of the registered taxpayer. 

There are 3 different ways of receiving the OTP as discussed below:

1. SMS: OTP is sent to registered mobile number as SMS.

2. On ‘Sandes’ app: Sandes is a messaging app provided by government so that taxpayers can send and receive messages. Taxpayers may download and install the Sandes app on the registered mobile number and receive the OTP in it.

3. Using ‘NIC-GST-Shield’ app: ‘NIC-GST-Shield’ is a mobile app provided by eWay Bill /e-Invoice System, so that OTP can be generated by using the app. This app can be downloaded only from the e-Waybill / e-Invoice portal from the link “Main Menu 2-Factor Authentication Install NIC-GST-Shield”*. The taxpayers are required to download, install and register this app on their registered mobile number. It has to be ensured that the time displayed in the app is in sync with e-waybill / e-Invoice system. *On opening the app, OTP is displayed. The taxpayer may enter this OTP and continue the authentication. The OTP gets refreshed after every 30 seconds. 

The taxpayer does not require internet or any dependency on mobile network for generating the OTP on this app.

Though it has doubled the security of access and data protection which is the primary objective on the flip side, Taxpayers who have several GST registrations across India are facing difficulty in complying with 2-Factor authentication. 

This is particularly relevant for taxpayers in e-commerce sector where lakhs of invoices/ e-way bills are generated on a daily basis. 

Further, there may also be cases where OTPs are generated simultaneously by the taxpayers for different GSTINs. 

The OTP that the taxpayer gets on the registered mobile number lacks an identity number (like which state or which GSTIN OTP it pertains to). When a taxpayer is registered in multiple states, it is difficult to track which OTP pertains to which GSTIN.

Well.......

All said and done, the Two-factor authentication (2FA) adds another layer of security to the entire authentication process by making it difficult for attackers/hackers to gain access to an assessee’s accounts. 

Even if the assessee’s password is hacked, the password alone isn’t enough to pass the authentication check.

Going next Gen.....!!!!!


SRIVATSAN.R.

NACIN CHENNAI

Comments

Post a Comment

Popular posts from this blog

Streamlining Investigations under GST without conflict of interest

By -
Image
The Ministry of Finance, Government of India, on 30th March 2024 has issued comprehensive guidelines vide Instruction No. 01/2023-24-GST (Inv. ) for CGST field formations.  The 6 important key takeaways from the circular are:- 1.Responsibilities of (Pr.) Commissioner: Under the purview of their allocated jurisdiction, Principal Commissioners are entrusted with the task of overseeing the development, approval, and execution of intelligence, searches, and investigations. Additionally, they are responsible for coordinating with divisional formations and ensuring timely action on investigative matters. 2. Approval Process for Investigation Initiation: Investigations must receive explicit approval from the (Pr.) Commissioner before initiation, except in specific scenarios outlined by the CBIC. Situations necessitating prior written approval from the zonal Chief Commissioner include a. matters involving novel interpretations, b. large industrial houses,  c. sensitive issues, or...
Read more

Amnesty under sec 128A read with rule 164 and circular 238/2024- Demystified

By -
Image
Based on the recommendations of the GST Council made in its 53rd meeting, Section 128A has been inserted in the CGST Act, 2017 with effect from 01.11.2024 to provide for waiver of interest or penalty or both, relating to demands under section 73 of the CGST Act pertaining to Financial Years 2017-18, 2018-19 and 2019-20, subject to certain conditions. Subsequently, based on the recommendations of the GST Council made in its 54th meeting, Rule 164 has been inserted in CGST Rules, 2017 with effect from 01.11.2024 vide notification No.20/2024-Central tax dated 8th October 2024 , providing for procedure and conditions for closure of proceedings under section 128A of CGST Act. Further, on top of this CBIC issued a  Circular No. 238/32/2024-GST dated 15th October 2024 to demystify these new provision and rule, yet there are overlaps unavoidable in this circular as it traces underlying provision and rule as necessary. The FAQs is good value addition though.  Over this blog, the proce...
Read more

Analysis of GST order served to Biocon Ltd

By -
Image
Biocon Ltd. has been imposed a penalty of around ₹ 3 crores for non-compliance with GST laws. The company has received an order of adjudication imposing a penalty of Rs 3,03,78,465 dated February 22, 2024, from the office of Deputy Commissioner of Commercial Taxes, Divisional GST Office, Bangalore, Biocon Ltd said in a regulatory filing. The demand is related to input tax credit reporting error in GST monthly returns, denial of input tax credit on sales and promotional expenditures, valuation of Corporate Guarantee & denial of exemption on export of services.  Play of provisions of GST law:  Denial of ITC on Sales:  It is to be noted that the ITC on sales can be denied only upon non-compliance with the conditions prescribed in Section 16(2) of the CGST Act, 2017 & if the sale is in the form of Gift, free samples or personal consumption.  Biocon being a bio-pharmaceutical company, supply of sample medicines to the doctors/ physicians is a common practice in in...
Read more