New security measure for NPS: Two-factor Aadhaar authentication now mandatory from April 1; here’s all you need to know | India Business News – Times of India

New NPS Aadhaar authentication: The Pension Fund Regulatory and Development Authority (PFRDA) has taken a significant step to bolster the security of the National Pension System (NPS). Effective April 1, 2024 all users accessing the Central Recordkeeping Agency (CRA) system must undergo mandatory two-factor authentication using Aadhaar credentials. As per an ET report, this measure aims to fortify the protection of NPS transactions and the interests of its stakeholders, as outlined in a circular released by the PFRDA on March 15, 2024.

Benefits of two-factor authentication

New login mechanism

According to the circular, Aadhaar-based login authentication will be added to the existing user ID and password-based login process. This change will enable access to the NPS CRA system through two-factor authentication.
ALSO READ | RBI aims to protect Aadhaar-enabled Payment Systems (AePS) from fraud; here’s how

Aadhaar-based authentication for CRA access

The PFRDA circular states that Nodal Offices under Central and State Governments, along with their associated Autonomous Bodies, currently use a password-based login to access the Central Recordkeeping Agency (CRA) for NPS transactions.
To enhance security and safeguard the interests of subscribers and stakeholders, the CRA system will implement Aadhaar-based authentication for login. This authentication method will be linked with the existing User ID and Password login process, ensuring two-factor authentication for accessing the CRA system.

Aadhaar Mapping process

According to the PFRDA circular dated March 15, 2024, Nodal offices under the Government Sector (Central/State/CAB/SAB) can use Aadhaar OTP for 2-Factor Authentication to access the CRA system (CRA & NPSCAN). The Oversight office (PrAO/DTA) and PAO/DTO must link their Aadhaar with their CRA User ID to enable Aadhaar Mapping for underlying users. Similarly, this linking allows underlying DDOs to initiate Aadhaar linking.
ALSO READ | Atal Pension Yojana: Know about Aadhaar seeding and onboarding facility for APY – details here

Performance of NPS activities

Government and autonomous bodies are required to implement Aadhaar-based login and authentication for NPS operations within the CRA system.

Ensuring smooth transition

PFRDA has issued a comprehensive standard operating procedure (SOP) and process flow in its latest circular, aiming to guide Government Nodal Offices through the transition. Extensive engagement with Nodal Officers will ensure they are well-informed about the changes, facilitating a smooth transition process.

Preventing unauthorised access

Access to CRA may be denied due to the following reasons, as stated on the NSDL NPS CRA website as of February 21, 2024:
1. Incorrect user ID
2. Incorrect password
Additionally, as per the PFRDA circular dated February 20, 2024, to prevent unauthorised access, the account will be locked if the user enters an incorrect password for five consecutive attempts. Users can reset their password by answering a secret question, even after the account is locked. If the user cannot remember the answer to the secret question or is unsuccessful in resetting the password, they must submit a request for reissue of I-Pin.