The Pension Fund Regulatory and Development Authority (PFRDA) has announced that it has upgraded the security layers of the National Pension System (NPS) by introducing a new step, which will be mandatory starting from April 1, 2024. It has said that the two-factor Aadhaar-based authentication will be a must for all password-based users logging into the CRA system.

This directive is part of a comprehensive standard operating procedure (SOP) issued to Government Nodal Offices, aiming for a smooth transition to the new system. This was announced in a circular issued on March 15, 2024.

How will it work

The PFDRA has said an Aadhaar-based login authentication will be integrated with the current user ID and password-based login process to make the NPS central record-keeping agency or CRA system accessible through two-factor authentication.

At present, nodal offices under Central and State Governments, including their Autonomous organisations, can use a password to access the CRA for NPS transactions.

From April 1, 2024, the CRA system will use Aadhaar-based authentication for login. The Aadhaar-based login authentication will be linked with the present User ID and Password login method, providing 2-factor authentication for accessing the CRA system.

Benefits of the enhanced system

More security: The two-factor authentication is a strategic move to significantly diminish the risk of unauthorised access, ensuring that only verified users can log into the CRA system.

Extra layer: By adding an extra layer of security, the PFRDA is taking a proactive step to safeguard NPS transactions and protect the interests of subscribers and stakeholders alike.

Aadhaar Linkage: The new security protocol requires Nodal Offices under the Government Sector to link their Aadhaar with their respective CRA User IDs. This process enables a two-factor authentication system using Aadhaar OTP (One-time password), providing an additional security feature for accessing the CRA system.

Smooth NPS activities: Government offices and Autonomous Bodies must adopt the necessary framework to facilitate Aadhaar-based login and authentication for carrying out all NPS-related activities.

Access bars to NPS CRA

Access to the Central Recordkeeping Agency (CRA) may be restricted under certain conditions, as outlined by the NSDL NPS CRA. The access can be denied if:

Incorrect User ID: Entry of an invalid user ID will prevent access to the CRA.

Incorrect Password: Repeated entry of an incorrect password will trigger a security lockout.