Two factor authentication deadline for demat account holders ends today; here’s how to apply

Earlier in June, National Stock Exchange (NSE) released a circular saying that customers should enable 2-factor authentication (2FA) using knowledge/ possession factor and biometric authentication.

What is a Demat account?

Any individual who wishes to invest in the stock market, i.e. buy or sell shares, in India needs a demat account. It is a platform for investors to hold their shares and securities like mutual funds, bonds, etc. digitally in an electronic format. Demat is short for ‘Dematerialised’ which in this sense means ‘converted from physical to electronic form’. Demat accounts are revolutionary in the sense that these have wiped out the need for physical certificates and the risks related to them.

An individual’s demat account is linked to his/her trading account. This smoothens the process of online trading and enables easy accessibility and tracking.

In India, demat account services are primarily provided by two depository bodies known as NSDL and CDSL. These services are further facilitated by numerous “depository participants” such as banks, which act as intermediaries.

Also Read: Today is the deadline for RBI’s tokenization of debit, credit cards: What does it mean?

Knowledge factor authentication is done with something that only the user knows, such as a password, while possession factor includes something that only the user has access to, such as a one-time password (OTP) or a token generated on an authenticator app. Biometric authentication, as the name suggests, uses fingerprint scanning, face recognition or voice recognition.

Also Read: Demat account login to credit/debit card new rules from October: 5 things to know

Here’s how to enable two-factor authentication?

NSE in its circular said users should preferably use biometric authentication as one of the authentication factors along with the knowledge factor or possession factor. In cases where biometric authentication is not possible, users should use both knowledge and possession factors in addition to the user ID for 2FA. “In case of OTP, the same should be sent to clients through both email and SMS on their registered email ID and Mobile number,” the circular said.

Informing its users, Zerodha on its website said “As per new exchange regulations (PDF), it is mandatory to enable TOTP (Time-based OTP) 2Factor login on your account before 30th Sep 2022, failing which, you will not be able to login to Kite.” Kite is Zerodha’s trading platform

TOTP is generated for a short time period of 20-30 seconds on an authenticator app, such as Google authenticator, Authy, Microsoft Authenticator.