Government orders removal of apps used to remotely disable e-rickshaws across India
Authorities have banned two smartphone applications, including a Chinese app, after discovering they were being misused to remotely shut down e-rickshaws. The apps exploited unsecured Bluetooth connections in battery systems, leaving drivers stranded.
The government has taken action against smartphone applications being weaponised to remotely disable e-rickshaws, ordering their removal from digital app stores nationwide. Two applications, including the Chinese BAT-BMS app, have been pulled following reports that criminals and miscreants were exploiting these tools to immobilise vehicles without driver knowledge or consent.
The applications in question were originally designed for legitimate battery management purposes, allowing users to monitor and control e-rickshaw battery systems through their smartphones. However, authorities discovered that the unsecured Bluetooth connectivity features built into these apps created a critical security vulnerability. Malicious actors were exploiting this loophole to connect to unprotected battery systems remotely and force them offline, effectively stranding drivers on roads and rendering their vehicles inoperative.
The misuse of these battery management apps represents a serious threat to the livelihoods of e-rickshaw operators across India's cities. Drivers suddenly losing vehicle control mid-journey creates safety hazards for passengers and disrupts commercial operations. The incidents prompted immediate government intervention, with authorities coordinating with major app distribution platforms to remove the problematic applications from their stores.
Beyond simply removing the apps, the government is pushing app store operators to strengthen their vetting procedures and security protocols. Officials have urged platforms like Google Play Store and Apple App Store to implement more rigorous scrutiny before permitting applications that access critical vehicle or infrastructure systems. This includes mandatory security audits, verification of developer credentials, and continuous monitoring for misuse patterns.
The action reflects growing concerns about smartphone-enabled vulnerabilities in India's rapidly expanding electric vehicle ecosystem. E-rickshaws have become crucial for last-mile urban transportation, particularly in tier-2 and tier-3 cities. The discovery of this exploitation method has exposed significant gaps in device security and raised questions about how manufacturers are implementing Bluetooth protections.
Manufacturers of e-rickshaw battery systems are also being advised to upgrade security features, including password protection and encryption for Bluetooth connectivity. The government's move signals that further regulatory measures may follow if app stores and device makers do not adequately address these security shortcomings.
Source: TOI India