Centre Bans Apps Enabling Remote Shutdown of E-Rickshaws
The Indian government has taken decisive action by removing two smartphone applications from app stores following reports that they could be used to remotely disable e-rickshaws. This move addresses growing cybersecurity concerns regarding internet-connected vehicle management systems used in the country's massive electric three-wheeler segment.
The BAT-BMS Security Breach
The crackdown was triggered after reports emerged that the Chinese-developed application, BAT-BMS, was being misused to render e-rickshaws inoperable. Developed by Shenzhen Grenergy Technology in China, the app was originally designed as a legitimate tool for monitoring lithium battery parameters like voltage and temperature.
However, viral social media videos surfaced showing individuals using the app to switch off the battery's discharge function via Bluetooth connectivity. These actions left drivers stranded on roads, with some even reporting that they had to pay strangers to help restart their vehicles after being targeted by these remote shutdowns.
Vulnerabilities in Battery Management Systems
Preliminary findings by government officials highlight a significant security gap in the budget e-rickshaw market. Many vehicles currently operating in India utilize Chinese-manufactured Battery Management Systems (BMS) that lack essential security protocols.
The core issue lies in the absence of password protection or robust authentication features. Because these Bluetooth-enabled lithium batteries allow wireless connections within a limited range, unauthorized users can easily pair with the battery and manipulate its power output. This lack of digital "locks" makes the vehicle's propulsion system vulnerable to anyone with the right application and proximity.
Government Intervention and App Store Accountability
IT Secretary S Krishnan confirmed the removal of the applications during a CII Cybersecurity Summit, stating that both apps were taken down immediately after coming to the authorities' notice. The government is now set to engage with major app store providers to demand greater scrutiny and due diligence. The goal is to ensure that potentially harmful or exploitable applications are identified and blocked before they reach the public.
In tandem with the central government's action, the Delhi government has directed its transport department to investigate the authenticity of the BAT-BMS application. Transport Minister Pankaj Singh noted that officials are examining the matter closely to understand the full extent of the risk posed to the e-mobility ecosystem.
Key Takeaways
- Immediate Action Taken: The Centre has removed two apps, including the BAT-BMS app, from digital stores to prevent the remote disabling of e-rickshaws.
- Critical Security Flaw: Budget e-rickshaws using unsecured Chinese-manufactured Battery Management Systems (BMS) lack the password protection needed to prevent Bluetooth-based hacking.
- Call for Due Diligence: The government is pushing app store operators to implement stricter vetting processes to prevent harmful applications from being distributed.
