Stox N Tax

Fake GST Officers & Aadhaar Calls: Everything Indian Businesses Need to Know

1. Introduction

In the recent past, taxpayers and registered businesses under GST have increasingly reported instances where individuals claiming to be officers of the GST Department reach out via WhatsApp calls or ordinary phone calls, requesting Aadhaar seeding or sharing of Aadhaar details. While Aadhaar authentication is indeed a legitimate requirement under GST law, the mode and manner in which this is solicited raise serious concerns about taxpayer privacy, possible fraud, and non-compliance risks.

This detailed analysis aims to guide taxpayers, accountants, and business owners on the legal provisions regarding Aadhaar in GST, the genuine process for Aadhaar authentication, how to differentiate authentic departmental communication from fraudulent ones, and best practices to stay compliant and protected.

2. Relevant Legal Framework

2.1 Aadhaar Authentication under GST

The legal framework for Aadhaar in GST arises mainly from:

  • Section 25(6C) and 25(6D) of the CGST Act, 2017: Provides for Aadhaar authentication for registration.
  • Rule 8(4A) of the CGST Rules, 2017: Specifies that Aadhaar authentication is mandatory for new registrations and for certain existing taxpayers to ensure genuine businesses are registered.
  • Notification No. 62/2020 – Central Tax dated 20th August 2020: Operationalised Aadhaar authentication for GST registration applicants.
  • CBIC Circulars and Updates: Various clarifications issued on the need for Aadhaar authentication for registration and revocation of suspension.

In essence, for new registrations, Aadhaar authentication is part of the online registration process itself on the GST portal (www.gst.gov.in). For existing taxpayers, in some cases, Aadhaar authentication may be required during amendments or for revalidation of suspended registrations.

2.2 Modes of Communication Prescribed

There is no statutory mandate allowing or directing GST officers to collect Aadhaar numbers or OTPs via:

  • WhatsApp messages or calls,
  • Personal phone calls,
  • Informal emails.

All Aadhaar authentication under GST must be done by the registered user themselves through the official GST portal, using secured OTP-based online steps.

3. Emerging Concerns: Calls and WhatsApp Messages

3.1 Reports and Incidents

Businesses have received messages stating:

“Dear taxpayer, your GST number is pending Aadhaar seeding. Kindly share your Aadhaar copy or OTP to this number immediately to avoid suspension.”

Such messages can be misleading and open the door to:

  • Identity theft,
  • Financial fraud,
  • Unauthorised access to the GST portal,
  • Misuse of credentials for fake invoicing or circular trading.

3.2 Why This is Risky

  • Violation of Official Process: GST officers have no lawful power to conduct Aadhaar seeding manually via calls or WhatsApp. It must be taxpayer-initiated.
  • Data Security Risk: Sharing Aadhaar and OTP with unknown persons can compromise bank KYC, PAN-Aadhaar linkage, and even lead to fraud in other domains (e.g., telecom SIMs, financial accounts).
  • Lack of Record: Informal communications have no audit trail.

4. Genuine Aadhaar Authentication: The Official Process

4.1 For New Registrations

  1. File registration application on www.gst.gov.in.
  2. Provide Aadhaar details at the time of applying.
  3. System generates an OTP sent to the registered mobile and email linked to Aadhaar.
  4. Enter OTP — authentication completed.
  5. No officer intervention is needed if Aadhaar is authenticated successfully.

4.2 For Existing Registrants

In certain cases (like notices for authentication under Rule 8(4A)):

  • You will receive an official notice or pop-up on the GST portal.
  • Log in to the GST portal → Go to “My Profile” → Click on “Aadhaar Authentication Status” → Proceed with self-authentication.
  • OTP will be sent to the Aadhaar-linked mobile/email.
  • The status can be verified immediately.

4.3 For Suspended Registrations

  • If a registration is suspended for Aadhaar authentication, an official notice/order will be served through the portal and email linked to your GST account.
  • The taxpayer must comply through the portal only.

5. What if an Officer Calls or WhatsApps for Aadhaar?

5.1 How to Respond

  • Politely decline to share Aadhaar or OTP on call or WhatsApp.
  • Ask the officer to issue an official notice through the GST portal if anything is pending.
  • Verify the officer’s identity using the official directory on CBIC or state GST websites.

5.2 Report Suspicious Communication

  • File a complaint with the GST Helpdesk (1800-103-4786) or helpdesk@gst.gov.in.
  • Report to the local GST office in writing.
  • If fraud is suspected, lodge a complaint with the Cyber Crime Cell.

6. Practical Precautions for Taxpayers

Use only the GST Portal: Never share Aadhaar details or OTP with any person or over informal channels.

Enable Two-Factor Authentication: Secure your GST portal credentials.

Check Official Notices: Regularly log in to the GST portal to check for official notices and tasks.

Educate Staff: Ensure your accounts and compliance staff know that Aadhaar seeding is never done over calls.

Keep Contact Details Updated: Ensure that the email and mobile registered on GST portal are active and accessible.

7. Possible Genuine Scenarios

While random calls are suspicious, some scenarios are genuine:

ScenarioHow it is done
Aadhaar authentication pending for new registrationPrompt appears on the GST portal
Aadhaar update required for revocation of suspensionOfficial notice issued on portal
Verification by Proper Officer during physical verificationDone through an official visit and documented procedure

Key Point: Even then, no officer should ask for OTP or Aadhaar image over a personal number.

8. Latest Developments

  • As of 2024-25, CBIC is moving towards real-time Aadhaar verification integrated with UIDAI, strengthening the digital authentication process.
  • States are being directed to reduce physical verification by ensuring robust Aadhaar linkage at the portal level.
  • Several fraud advisories have been issued by CBIC warning taxpayers not to respond to unofficial requests.

9. Legal Recourse

If you fall victim to fraudulent collection of Aadhaar or misuse of GST credentials:

  • File an FIR under the IT Act, 2000 and IPC for impersonation and fraud.
  • Inform GSTN and request blocking of access.
  • Rectify returns or registrations promptly if any misuse occurs.

10. Conclusion

Aadhaar authentication under GST is an essential compliance to curb fake invoicing and benami businesses. However, taxpayers must stay vigilant against unauthorized, informal demands.

Rule of Thumb: If it’s not on the GST portal, it’s not official.

Always authenticate securely, never share sensitive data casually, and report suspicious communication immediately. As a Chartered Accountant, I strongly advise businesses to establish an internal SOP to handle such issues to protect themselves from regulatory, financial, and reputational harm.

11. Key Takeaways

✔ Aadhaar authentication is compulsory for certain GST actions — but must be done ONLY through the GST portal.
✔ No officer is empowered to collect Aadhaar or OTP on calls/WhatsApp.
✔ Any such request should be verified and reported immediately.
✔ Educate staff, secure credentials, and stay alert for scams.

References

  • CGST Act, 2017 — Section 25(6C), 25(6D)
  • CGST Rules, 2017 — Rule 8(4A)
  • CBIC Notifications & Circulars (Notification No. 62/2020 – Central Tax)
  • Official GST Portal: www.gst.gov.in

For further assistance, consult your Chartered Accountant or reach out to the GSTN helpdesk for official clarifications.

Leave a comment

Timeline of events