To improve security and transparency in taxpayer interactions via third-party providers, the GSTN is set to introduce enhanced controls over data access and consent management involving Application Suvidha Providers (ASPs) and GST Suvidha Providers (GSPs). These enhancements are intended to strengthen the safeguards on taxpayer data shared through API integrations.

Two key security enhancements will soon be rolled out:

1. Real-time Consent Notifications: Taxpayers will receive alerts via email and / or SMS every time an ASP gains data access by successfully obtaining the taxpayer’s OTP-based consent.

Notifications will contain:

1. • Name of the ASP and the underlying GSP
   • Date and time of the OTP consent
   • Validity period of the consent
2. Consent Management Dashboard on GST Portal: A new feature will be introduced on the GST Portal, allowing taxpayers to view both current and historical ASP/GSP access instances. Taxpayers will also be able to revoke any active consents from within their dashboard.

The go-live date of these features will be announced through separate advisories.