Fri, 3 Jul 2026 · LIVE
Updated Jul 3, 2026 · 15:26
Technology News Updated Jul 3, 2026

Govt Bans Apps That Remotely Stop E-Rickshaws: Safety Fears Rise

The Indian government has ordered the removal of mobile apps like BAT-BMS, Lossigy, and Epoch i-ion from app stores over cybersecurity concerns. These apps can remotely disable the discharge function of Bluetooth-enabled lithium-ion batteries in e-rickshaws, causing sudden vehicle stoppages. Many e-rickshaws lack password protection on their battery management systems, making them vulnerable to anyone within Bluetooth range. The ministry is examining the security implications as drivers report repeated incidents of their vehicles being locked by unknown individuals.

How BAT-BMS and similar apps banned by govt can remotely stop e-rickshaws

New Delhi, July 3

The mobile applications, including Chinese BAT-BMS, have come under scrutiny after videos circulating on social media allegedly showed individuals remotely switching off moving e-rickshaws using their smartphones, raising concerns over safety and cybersecurity.

The Ministry of Electronics and Information Technology (MeitY) has directed Google Play Store and Apple App Store to remove such mobile applications -- the BAT-BMS, Lossigy and Epoch i-ion -- while examining its cybersecurity implications.

One of them was developed by China's Shenzhen Grenergy Technology for Bluetooth-enabled lithium-ion batteries.

It is designed to help battery owners monitor key parameters such as voltage, current, temperature, charging cycles and overall battery health in real time.

In addition, the app also allows users to manage certain battery functions, including turning the battery's discharge function on or off for maintenance and safety purposes.

In India, many e-rickshaw manufacturers use lithium-ion batteries equipped with Bluetooth-enabled Battery Management Systems (BMS). In several cases, these systems are installed without password protection or continue to operate using factory-default credentials.

As a result, anyone within Bluetooth range -- typically around 10 to 20 metres -- can connect to the battery using the BAT-BMS app or similar applications.

If connected successfully, the user can switch off the battery's discharge function, instantly cutting power to the vehicle.

Since the battery itself is disabled, the driver cannot restart the e-rickshaw using the ignition key. The vehicle can only be restored after reconnecting to the battery through the app and re-enabling the discharge function.

Speaking to IANS, an e-rickshaw driver said that the issue first came to light only a few days ago, when his vehicle suddenly stopped working.

"Initially, we thought there was a fault in the vehicle and took it to a mechanic. After checking it, he told us there was no mechanical problem. He said someone had switched off the battery using software," the driver said.

According to him, the mechanic charged around Rs 300 to reconnect the battery through a mobile application and restore power.

"He opened the app on his phone, switched the battery back on and the vehicle started working again," he said.

The driver claimed the problem had recurred while he was carrying passengers. "Someone switched it off again while I was on the road. We don't know who is doing it.

If the battery gets locked, it can only be unlocked through the same app. We are drivers, not technology experts, so we don't know how to deal with such issues," he told IANS.

Although the vulnerability is limited to vehicles that meet two conditions, they use Bluetooth-enabled lithium-ion batteries, and the battery management system lacks password protection or proper authentication.

Many e-rickshaws in India still operate on lead-acid batteries, which do not have Bluetooth-enabled battery management systems and are therefore not vulnerable to this issue.

Similarly, newer lithium-ion battery systems that use strong passwords, encryption or proprietary software cannot be accessed through generic battery management applications.

Meanwhile, passenger cars and most branded electric vehicles also incorporate multiple layers of cybersecurity and encrypted communication between their battery management systems and vehicle electronics, making such unauthorised access significantly more difficult.

— IANS

Reader Comments

Priya S

The government banning these apps is a good first step, but it won't solve the root cause. Thousands of e-rickshaws are already using these vulnerable batteries. We need a recall or firmware update campaign. Drivers can't be expected to become cybersecurity experts overnight.

Michael C

Classic case of cutting corners to save costs. Chinese manufacturers ship these BMS units with zero security because it's cheaper. India needs to mandate minimum cybersecurity standards for all imported electronics, especially those used in public transport. This is a wake-up call.

Sarah B

My father drives an e-rickshaw in Delhi. After reading this, I checked his battery and found it had no password! Luckily, I was able to set one through the app before someone could misuse it. This should be mandatory for all e-rickshaw associations to check. Safety first! 🇮🇳

Vikram M

While banning apps is easy, the government should also look at the bigger picture. Why are we still importing these vulnerable components from China? Atmanirbhar Bharat should include secure, indigenous battery management systems. This is a national security issue as much as a safety one.

Aman W

The mechanic charging Rs 300 to switch the battery back on is also exploiting the situation. But honestly, this whole system is flawed. We're in 2024, and a Bluetooth-connected battery can be hacked like a toy? Government should make it illegal to sell any IoT device without proper authentication enabled by default. 🙏

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Reader Voices

Leave a comment

Be kind. Add to the conversation. 0/50
Thank you — your comment has been submitted.
JS blocked