
3 min readUpdated: Jul 3, 2026 04:27 PM IST
Many e-rickshaws continue to use lead-acid batteries, while several lithium-powered vehicles rely on proprietary battery management systems that cannot be accessed through applications like BAT-BMS. (Express file photo)
The government has directed Apple and Google to take down at least three apps over reports of them being misused to remotely switch off some e-rickshaws, raising concerns over passenger safety and cybersecurity.
The move follows the circulation of videos on social media showing individuals connecting to nearby e-rickshaws through Bluetooth and disabling their battery systems while the vehicles were in motion. The apps that have been directed to be blocked include BAT-BMS, Lossigy, and Epoch Li-ion. At least two of these are of Chinese-origin.
Confirming the blocking action, IT Secretary S Krishnan said, “…there are a couple of apps, which came to our notice yesterday and both of them have been taken down from the app stores.” Speaking on the sidelines of the CII Cybersecurity Summit, Krishnan also said that the government will take up the issue with app store providers to ensure that potentially harmful apps are not made available. At the time of publishing, the apps were available on the two app stores.
The BAT-BMS app was originally developed by China’s Shenzhen Grenergy Technology as a legitimate battery management tool for Bluetooth-enabled lithium-ion batteries. It allows users to monitor a battery’s state of charge, voltage, current, temperature, charging cycles and overall health. The application also enables compatible users to control charging and discharging functions, making it useful for battery diagnostics and maintenance. According to its Play Store listing, the app can connect wirelessly to batteries over Bluetooth Low Energy (BLE) within an operating range of around 15 metres. Such apps are typically designed to be used at service centres for battery-related diagnostics.
The primary concern, however, lies with the security configuration of some battery management systems (BMS) used in low-cost electric vehicles. A Battery Management System is the electronic controller that monitors and protects lithium-ion battery packs by regulating charging, discharging, temperature and cell balance. The apps in question could connect to the BMS within a limited range, and be used to cut battery power, bringing the vehicle to a sudden halt.
This was primarily a problem in electric e-rickshaws, which use low-cost Chinese-made BMS without adequate password protection or default credentials. As a result, anyone standing within Bluetooth range may be able to pair with the battery using compatible applications such as BAT-BMS and disable the battery’s discharge function. Since the discharge circuit supplies power to the motor, switching it off can immediately immobilise the vehicle.
Sources said that this is not a sophisticated hacking attack but rather the exploitation of weak security settings on connected battery systems. The app itself does not automatically gain control over every electric vehicle. It only works with batteries that support compatible Bluetooth-enabled BMS hardware. Many e-rickshaws continue to use lead-acid batteries, while several lithium-powered vehicles rely on proprietary battery management systems that cannot be accessed through applications like BAT-BMS.
© The Indian Express Pvt Ltd
Soumyarendra Barik is a Special Correspondent with The Indian Express, specializing in the complex and evolving intersection of technology, policy, and society. With over five years of newsroom experience, he is a key voice in documenting how digital transformations impact the daily lives of Indian citizens.
Expertise & Focus Areas Barik’s reporting delves into the regulatory and human aspects of the tech world. His core areas of focus include:
The Gig Economy: He extensively covers the rights and working conditions of gig workers in India.
Tech Policy & Regulation: Analysis of policy interventions that impact Big Tech companies and the broader digital ecosystem.
Digital Rights: Reporting on data privacy, internet freedom, and India's prevalent digital divide.
Authoritativeness & On-Ground Reporting: Barik is known for his immersive and data-driven approach to journalism. A notable example of his commitment to authentic storytelling involves him tailing a food delivery worker for over 12 hours. This investigative piece quantified the meager earnings and physical toll involved in the profession, providing a verified, ground-level perspective often missing in tech reporting.
Personal Interests Outside of the newsroom, Soumyarendra is a self-confessed nerd about horology (watches), follows Formula 1 racing closely, and is an avid football fan.
Find all stories by Soumyarendra Barik here. ... Read More
Tags:
e rickshaw
View original source — Indian Express ↗
