Govt. Bans Three E-Vehicle Apps Amid Remote Shutdown Fears

New Delhi: The Central government has ordered the removal of three battery management applications—BAT-BMS, Epoch-i-ion, and Lossigy—from the Google Play Store and Apple App Store after they were allegedly found to pose serious security risks by enabling the remote shutdown of electric vehicles, including e-rickshaws.

The action was taken by the Ministry of Electronics and Information Technology (MeitY) following reports that the apps were being misused to switch off moving e-rickshaws, raising concerns over passenger safety and cybersecurity. Officials said the matter is under investigation, and authorities are closely monitoring the situation to prevent further misuse.

E-Rickshaw Drivers Alarmed After Vehicles Stall Mid-Journey

The issue came to light after several e-rickshaw drivers, particularly in Patna, reported that their vehicles were suddenly losing power while on the move. Similar complaints have since emerged from other parts of the country.

At first, drivers suspected mechanical failures. However, technical inspections found no faults in the vehicles. Investigators instead traced the problem to Bluetooth-enabled lithium-ion battery systems fitted in many modern e-rickshaws.

How the Alleged Remote Shutdown Works

Most modern lithium-ion batteries are equipped with a Battery Management System (BMS) that allows users and technicians to monitor battery performance through a mobile application connected via Bluetooth.

According to investigators, if the battery’s Bluetooth connection is left unsecured or protected by a default password, anyone within Bluetooth range can connect to it using compatible apps such as BAT-BMS. Once connected, users can reportedly access battery controls, including a “discharge” function that instantly cuts off power to the vehicle, bringing it to a sudden halt.

Authorities believe anti-social elements may have exploited this vulnerability to disrupt vehicles on public roads.

Not Every E-Rickshaw Is at Risk

The security flaw primarily affects e-rickshaws powered by Bluetooth-enabled lithium-ion batteries. Vehicles using older lead-acid or dry batteries are not vulnerable because they lack wireless connectivity and advanced battery management systems.

Experts also note that the risk can be greatly reduced by changing the battery’s default Bluetooth password during installation. A secure password prevents unauthorized access, making it difficult for anyone to connect to the battery or interfere with the vehicle’s operation.

Focus on EV Cybersecurity

The incident has exposed a new cybersecurity challenge in India’s fast-growing electric mobility sector. While smart battery management systems improve performance and maintenance, weak security settings can leave vehicles vulnerable to unauthorized access.

With the investigation continuing, authorities are expected to examine whether stricter cybersecurity standards and mandatory security measures should be introduced for Bluetooth-enabled battery systems used in electric vehicles.

The removal of the three apps marks one of the government’s strongest actions so far against potential digital threats affecting electric mobility, underscoring the growing importance of cybersecurity as India’s EV ecosystem continues to expand.

Latest News