100% tax compliance with smart e-Invoicing 100% tax compliance with smart e-Invoicing
Integration
across all ERPs Integration across all ERPs
4 hrs resolution SLA
& 1hr response SLA 4 hrs resolution SLA & 1hr response SLA
MIS Dashboards with
backup & storage MIS Dashboards with backup & storage
Index

2-Factor Authentication in e-Invoice System/e-Way Bill: Options, Steps and Importance

By Annapoorna

|

Updated on: Feb 7th, 2024

|

7 min read

National Informatics Centre (NIC) has introduced the two-factor authentication (2FA) to log in to the e-way bill or e-invoice system. It aims to improve the security of the e-way bill and e-invoice system. Besides username and password, the user would now require providing a one-time password (OTP) for authenticating the login. 

The implementation of 2FA puts an additional burden on the teams logging into the e-invoice and e-way bill portals of NIC. Clear e-Invoicing allows its users to avoid the hassles of 2FA while continuing to ensure an utmost secure environment for data handling and privacy. 

Continue reading the article to know more about the applicability, issues and alternate solutions for 2FA.

What is 2-Factor Authentication in e-Invoicing?

Two-factor authentication (2FA), also referred to as dual-factor authentication or two-step verification, refers to a security process in which users provide two different authentication factors for verifying themselves.

Two-factor authentication is implemented to protect both the user’s credentials and the resources the user can access. After registering for two-factor authentication, the same can be used for the e-Invoice system and the e-Way bill system.

NIC's Mandate on Two-factor Authentication

National Informatics Centre (NIC) has implemented the two-factor authentication on its portals such as the e-invoicing portals, NIC1 and NIC2, and e-way bill portal for certain taxpayers. Currently, the 2FA applies to taxpayers using these portals, as follows-

Mandatory

Optional

Taxpayers with AATO of more than Rs.100 crore from 21st August 2023. 

 

Rest of taxpayers subject to e-invoicing and e-way bill 

 

Taxpayers with AATO of more than Rs.20 crore upto Rs.100 crore from 20th November 2023

*AATO stands for Annual Aggregate Turnover.

Purpose of 2-Factor Authentication

The goods and services tax department has introduced a two-factor authentication process for 

  • Accessing the e-invoice system and e-way bill system more efficiently, and
  • Enabling the e-invoice system to be more efficient and robust, and
  • Ensuring a secure environment for accessing the e-invoice/e-way bill system

Quick Video to Learn About NIC Update on 2FA

Modes Available for Two-factor Authentication on The e-Invoice Portal

Two-factor authentication has three different ways to receive the one-time password (OTP). The same are discussed below:

SMS: OTP is shared with the assessee on the registered mobile number as SMS.

Sandes app: Sandes app is a messaging app provided by the Indian government so that assessees can send and receive messages. Assesses can download and install this app with their registered mobile number and can receive a one-time password in it.

NIC GST Shield app: NIC-GST-Shield is a mobile application provided by e-Invoice System/ eWay Bill, so OTP can be generated using this app. NIC-GST-Shield app could be downloaded only from the e-Invoice/ e-Waybill portal. The assessee needs to follow to below steps to use the NIC-GST-Shield mobile app:

  • The assessees need to download, install and register this app with their registered mobile number. 
  • One must ensure that the time displayed in the NIC-GST-Shield app is in sync with the e-Invoice/ e-waybill system. 
  • On opening this app, a one-time password is displayed. 
  • The assessee could enter this OTP and continue with the authentication process. Every 30 seconds, the OTP gets refreshed. The assessee doesn’t require internet to generate the OTP on this app.

2-factor authentication

Steps for Setting Up 2-Factor Authentication

Step 1. On logging into the e-Invoice System, the user needs to go to Main Menu

Step 2. The user then needs to select two-factor authentication and confirm the registration. 

Step 3. Once confirmed, the system will ask for a one-time password along with the username and password. 

This facility has been introduced on an optional basis. However, it will be made mandatory in near future.

register for 2-factor authentication

Drawbacks of 2FA Implementation

You must know that in the case of SMS and NIC-GST-Shield app, the OTP is sent to the registered mobile number of the authorised personnel of the GSTIN.

Suppose the invoicing team is not able to readily access such registered mobile numbers for OTP, it can lead to delays in generation of e-invoices/e-way bills, leading to business disruptions.

Alternate Secure Solutions to Avoid 2FA

No 2 Factor Authentication with Clear! Users on Clear e-Invoicing solution and Clear IRP enjoy faster and hassle-free experience of e-invoice and e-way bill generation every time. Here's how- 

  • With Clear, you will not have to deal with OTPs every time you log in, saving you time and hassle.
  • We’ve enabled smart security features to keep your data safe. Our solutions use SSL encryption and have security certifications such as ISO 27001, SOC-2, VAPT, and PCI-compliant.
  • We are an approved GSTN IRP provider, ensuring that your e-invoicing and e-way bills are fully compliant.
  • You can start generating e-way bills in just 150ms with Clear.
  • We maintain a 99.9% success rate in generating IRNs and e-Way bills.
  • Our support team is available 24/7 to assist you with any questions or issues.

Frequently Asked Questions

What is an example of two-factor authentication?

Below is an example of the two-factor authentication process:

  • The user visits the GST portal and enters a username and password.
  • The portal then prompts the user to initiate the second login step.
  • The user must provide a one-time code shared on the registered mobile number.
  • After providing the one-time code, the user is authenticated and granted access to the portal.
How secure is two-factor authentication?

Two-factor authentication (2FA) adds another layer of security to the entire authentication process by making it difficult for attackers to gain access to an assessee’s accounts because, even if the assessee’s password is hacked, the password alone isn’t enough to pass the authentication check. Yet, if a third party solution has necessary certifications for data security and data privacy such as SSL encryption, SOC-2 auditted, ISO 27001 certified, then 2FA need not be required.

Is 2FA mandatory in e-invoicing?

As of today, using two-factor authentication is not mandatory for everyone under e-invoicing on the NIC but only a notified few. However, it will be mandatory soon as two-factor authentication is a much-needed measure to comply with particular password restrictions. As per update from NIC in September 2023, the 2FA is mandatory from 21st August 2023 for taxpayers with annual aggregate turnover more than Rs.100 crore. Thereafter, it applies to those with annual turnover over Rs.20 crore from 1st November 2023 onwards.

Is 2 factor authentication mandatory for GST?

No, the 2-factor authentication is not mandatory for GST portal login. It is made mandatory for logging into the e-way bill and e-invoicing portals.

How to disable 2 factor authentication in e-way bill portal?

You may de-register this facility anytime when it was optional using the link ‘2 Factor Authentication Registration / Deregistration'. However, once it was made mandatory, then you cannot disable it.

About the Author
author-img

Annapoorna

Assistant Manager - Content
social icons

I preach the words, “Learning never exhausts the mind.” An aspiring CA and a passionate content writer having 4+ years of hands-on experience in deciphering jargon in Indian GST, Income Tax, off late also into the much larger Indian finance ecosystem, I love curating content in various forms to the interest of tax professionals, and enterprises, both big and small. While not writing, you can catch me singing Shāstriya Sangeetha and tuning my violin ;). Read more

summary-logo

Quick Summary

NIC has introduced two-factor authentication (2FA) for e-invoice and e-way bill users, requiring OTP along with username and password. The implementation aims to enhance security but may cause inconvenience. NIC offers multiple modes for OTP delivery, and Clear e-Invoicing provides an alternative solution without 2FA. Users have the option to register for 2FA voluntarily now, but it will be mandatory in the future.

Was this summary helpful?
liked-feedbackliked-feedback

BROWSE BY TOPICS
Income Tax e-Filing
Last Date To File ITR For 2022-23
Income Tax Slabs FY 2023-24
Which Is Better: Old vs New Tax Regime For Salaried Employees?
House Property
Business, Professional & Freelance
Which ITR Should I File?
Income Tax Refunds
Paying Tax Due
Salary Income
Capital Gains Income
Other income sources
Advance Tax
NRI
HUF
Income Tax Notices
RELATED ARTICLES
48th GST Council Meeting Highlights: Live Updates, Agenda, Expectations, and Latest News
How to use Digital Signature for an e-Invoice
Generation of QR Code in the e-Invoice
Step-by-Step Process to Generate an e-Invoice and IRN
Invoice Reference Number (IRN) in e-Way bill system
Advantages and Disadvantages of E-Invoicing System Under GST
GST E-Invoicing API : Who can get APIs of e-Invoices, Pre-requisites and Best Practices
e-Invoice Limit 5 Crore | GST e-Invoicing for businesses above Rs.5 crore turnover
POPULAR ARTICLES
Invoicing Under GST
Sections 206AB and 206CCA of Income Tax: Analysis, Applicability and FAQs
Time limit to Issue Invoices, Bill of Supply, Debit Notes, Credit Notes etc under GST
All about Proforma Invoice under GST
Invoice Matching Under Goods and Services Tax
Experience of Day One of Uploading Invoices on GSTN Portal By Cleartax
All About Invoicing and Billing
All about Estimates in business
e-Invoice Limit 5 Crore | GST e-Invoicing for businesses above Rs.5 crore turnover
YOU MIGHT BE INTERESTED IN
GST Collection August 2022
How to Manage Customer Outstanding Using Billing Software?
Clear Logo
Follow us on
FacebookTwitterLinkedInGitHubInstagram
Have a query?
Support
Company
About us
Contact us
Careers
Media & Press
User reviews
Engineering blog
Clear Library
FinTech glossary
ClearTax Chronicles
GST Product Guides
Trust & Safety
Cleartax(Saudi Arabia)

Clear offers taxation & financial solutions to individuals, businesses, organizations & chartered accountants in India. Clear serves 1.5+ Million happy customers, 20000+ CAs & tax experts & 10000+ businesses across India.

Efiling Income Tax Returns(ITR) is made easy with Clear platform. Just upload your form 16, claim your deductions and get your acknowledgment number online. You can efile income tax return on your income from salary, house property, capital gains, business & profession and income from other sources. Further you can also file TDS returns, generate Form-16, use our Tax Calculator software, claim HRA, check refund status and generate rent receipts for Income Tax Filing.

CAs, experts and businesses can get GST ready with Clear GST software & certification course. Our GST Software helps CAs, tax experts & business to manage returns & invoices in an easy manner. Our Goods & Services Tax course includes tutorial videos, guides and expert assistance to help you in mastering Goods and Services Tax. Clear can also help you in getting your business registered for Goods & Services Tax Law.

Save taxes with Clear by investing in tax saving mutual funds (ELSS) online. Our experts suggest the best funds and you can get high returns by investing directly or through SIP. Download Black by ClearTax App to file returns from your mobile phone.

Cleartax is a product by Defmacro Software Pvt. Ltd.

Company PolicyTerms of use

ISO

ISO 27001

Data Center

SSL

SSL Certified Site

128-bit encryption