Amid the rising number of online fraud cases nationwide, the Pension Fund Regulatory and Development Authority (PFRDA) is set to revamp the current login process for National Pension System (NPS) accounts by April 1, 2024.

The pension regulatory body recently announced an enhanced security system. They have implemented a two-factor Aadhaar authentication and made the new security mandatory for all password-based users logging into the Central Recordkeeping Agency (CRA) system of the NPS from April 1, 2024.

The PFRDA notification said, “To enhance the security measures in accessing the CRA system and safeguard the interests of subscribers and stakeholders, it has been decided to bring in additional security features through Aadhaar-based authentication for login to the CRA system."

“The Aadhaar-based login authentication will be integrated with the current user ID and password-based login process so as to make the CRA system accessible through 2 Factor Authentication," the notification added.

Under the new security system, NPS subscribers can access their accounts only after Aadhaar-based authentication and entering the OTP sent to their registered mobile number.

NPS new login rules: What is two-factor Aadhaar authentication system?

The two-factor Aadhaar authentication system is add-on checks to validate the genuineness of the fingerprint and further reduce spoofing attempts, thereby making Aadhaar-authenticated transactions much more secure and robust.

NPS new login rules: Benefits of two-factor authentication feature

The integration of Aadhaar-based login authentication aims to fortify the overall authentication and login framework of the NPS CRA system. As per the PFRDA statement dated March 15, 2024, the new security system will provide (i) increased security and (ii) enhanced protection.

The two-factor approach significantly reduces the risk of unauthorised access to the CRA system, the PFRDA said, adding that this additional layer safeguards NPS transactions and protects the interests of both subscribers and stakeholders.

NPS new login rules: What will be the new login mechanism?

As per the PFRDA circular, an Aadhaar-based login authentication will be integrated with the current User ID and Password-based login process, enabling 2-Factor Authentication for accessing the NPS CRA system.

Visit the NPSNPS website: https://enps.nsdl.com/eNPS/NationalPensionSystem.html

Go to ‘Login with PRAIN/IPIN’

Click the PRAIN/IPIN tab, and a new window will open

Enter your user ID and password

Enter Captcha

The window will prompt for Aadhaar authentication and send an OTP on your registered mobile number

window will prompt for Aadhaar authentication and send an OTP on your registered mobile number Enter the OTP

You will access your NPS account

NPS new login rules: Aadhaar mapping

According to the PFRDA circular, “User IDs of Nodal offices under the Government Sector (Central/State/CAB/SAB) shall be permitted to login to the CRA system (CRA & NPSCAN) using 2-Factor Authentication through Aadhaar OTP (One-time password). The Oversight Office (PrAO/DTA) must initially link their Aadhaar with their respective CRA User ID, enabling underlying users to initiate Aadhaar Mapping. Similarly, PAO/DTO must link their Aadhaar with their respective CRA User ID, allowing underlying DDOs to initiate Aadhaar linking."

NPS new login rules: When will access to the NPS account be denied?

As per the new two-factor Aadhaar authentication system, the NPS CRA will deny access to an account if the user enters an incorrect password for five consecutive attempts, and the account will be locked. However, the user will have the option to reset the password by answering the secret question even after the account is locked.

“As a safety measure to prevent unauthorised access, the account will be locked if the user enters an incorrect password for five consecutive attempts. The user will have the option to reset the password by answering the secret question even after the account is locked. In case the user is not able to remember the answer to the secret question and is unsuccessful in resetting the password, the user shall have to submit a request for reissue of I-Pin," the PFRDA circular dated February 20, 2024 read.

The PFRDA has also directed all offices under the Government Sector and Autonomous Bodies to implement the necessary framework for the additional features of Aadhaar-based login and authentication in the CRA system to carry out all NPS-related activities before April 1.

