Centre Removes Apps After Reports of Remote E-Rickshaw Shutdowns
The Indian government has taken decisive action by removing two smartphone applications from app stores following alarming reports that e-rickshaws could be remotely disabled. This move comes as authorities investigate cybersecurity vulnerabilities in internet-connected vehicle management systems used across the country.
The BAT-BMS App Controversy and Remote Disabling
The crackdown was triggered by the emergence of the BAT-BMS application, developed by Shenzhen Grenergy Technology in China. While the app was designed as a legitimate tool to monitor lithium battery parameters—such as voltage and temperature—it has allegedly been exploited to disrupt transport services.
Viral videos on social media showed individuals successfully stopping e-rickshaws in motion by using the app to switch off the battery's discharge function. These incidents have left drivers stranded on roads, with some even reporting that they had to pay strangers to help restart their vehicles after being targeted by these remote shutdowns.
Vulnerabilities in Chinese-Manufactured Battery Systems
Investigations into the matter have highlighted a significant cybersecurity gap in the budget e-rickshaw segment. Many vehicles in India are equipped with Chinese-manufactured Battery Management Systems (BMS) that possess limited security features.
According to government officials, these systems often lack essential password protection or robust authentication protocols. This technical flaw allows any user within Bluetooth range to wirelessly connect to the lithium battery and manipulate its power output. The BAT-BMS app exploits this lack of security to gain unauthorized control over the vehicle's energy supply.
Government Response and Call for App Store Scrutiny
Speaking at the CII Cybersecurity Summit, IT Secretary S Krishnan confirmed that the two identified applications have been taken down from app stores. He emphasized that the government would engage with app store providers to demand greater due diligence. The goal is to ensure that potentially harmful or exploitable applications are rigorously scrutinized before being made available to the public.
In Delhi, the situation has prompted further administrative action. Transport Minister Pankaj Singh stated that officials have been directed to verify the authenticity of the BAT-BMS application and investigate the claims regarding Bluetooth connectivity risks. The Delhi government's transport department is currently examining the matter to prevent further exploitation of the city's e-rickshaw fleet.
Key Takeaways
- Immediate Action Taken: The Centre has successfully removed two controversial apps from digital storefronts to prevent further remote tampering with e-rickshaws.
- Security Flaws Identified: Budget e-rickshaws using unsecured Chinese-manufactured Battery Management Systems (BMS) are highly vulnerable to Bluetooth-based attacks due to a lack of authentication.
- Stricter Oversight Demanded: The government is pushing app stores to implement more rigorous vetting processes to prevent the distribution of applications that can compromise vehicle safety and security.
