The Pension Fund Regulatory and Development Authority (PFRDA) has enhanced the security of the National Pension System (NPS) by introducing a new security layer, two-factor Aadhaar-based authentication, which will be mandatory for all password-based users logging into the CRA system beginning April 1, 2024. The PFRDA made this announcement via a circular issued on March 15, 2024.
NPS: What are the benefits of this security feature
Increased Security
The two-factor approach significantly reduces the risk of unauthorized access to the CRA system.
Enhanced Protection
This additional layer safeguards NPS transactions and protects the interests of both subscribers and stakeholders.
Also read: How to open an NPS account online
What will be the new login mechanism now for NPS CRAs?
As per the circular, an Aadhaar-based login authentication will be integrated with the current user ID and password-based login process to make the NPS central record-keeping agency or CRA system accessible through two-factor authentication.
Also read: NPS investment can save you tax on income up to Rs 9.5 lakh under old, new tax regime
Why is the existing NPS CRA system being changed?
According to the PFRDA circular, “The Nodal Offices under Central and State Governments including their associated Autonomous Bodies currently utilize a password-based login to access the Central Recordkeeping Agency (CRA) for NPS transactions.”
Additional Security Feature
Currently, Nodal Offices under Central and State Governments, including their Autonomous organisations, utilise a password to access the CRA for NPS transactions. To improve security and protect the interests of subscribers and stakeholders, the CRA system will now use Aadhaar-based authentication for login. The Aadhaar-based login authentication will be linked with the present User ID and Password login method, providing 2-factor authentication for accessing the CRA system.
Aadhaar Mapping
According to the PFRDA circular dated March 15, 2024, “User IDs of Nodal offices under the Government Sector (Central/State/CAB/SAB) shall be permitted to login to the CRA system (CRA & NPSCAN) using 2-Factor Authentication through Aadhaar OTP (One-time password). The Oversight office (PrAO/DTA) must initially link their Aadhaar with their respective CRA User ID, enabling underlying users to initiate Aadhaar Mapping. Similarly, PAO/DTO must link their Aadhaar with their respective CRA User ID, allowing underlying DDOs to initiate Aadhaar linking.”
Performance of NPS Activities
Government and autonomous bodies must deploy Aadhaar-based login and authentication in the CRA system for NPS operations.
PFRDA in the latest circular informed a detailed standard operating procedure (SOP) along with the process flow to Government Nodal Offices and engage extensively with Nodal Officers to make them aware of the changes thereby ensuring a seamless transition.
When would access to NPS CRA be denied?
According to the NSDL NPS CRA website (https://www.cra-nsdl.com/Static/html/help-ipin-dsc.html) as of February 21, 2024 access to CRA may be denied due to the following reasons:
- Incorrect user ID
- Incorrect password
As per the PFRDA circular dated February 20, 2024, “As a safety measure to prevent unauthorised access, the account will be locked if the user enters an incorrect password for five consecutive attempts. The user will have the option to reset the password by answering the secret question even after the account is locked. In case the user is not able to remember the answer to the secret question and is unsuccessful in resetting the password, the user shall have to submit a request for reissue of I-Pin.”