Over the past week, scores of reels showing e-rickshaws grinding to a halt went viral on social media. The videos appeared to show miscreants and pranksters using the Chinese app BAT-BMS to connect to the vehicles and cut off the “discharge” function. Anyone standing within 10 to 15 metres could reportedly connect to a vehicle via Bluetooth.
The uproar on social media prompted the government to take notice and issue an “urgent advisory” to the auto industry on critical vulnerabilities in electric vehicles.
Why did the government step in?
In a letter to the Society of Indian Automobile Manufacturers (SIAM), the Automotive Component Manufacturers Association of India (ACMA), and testing agencies such as the Automotive Research Association of India (ARAI), iCAT, NATRAX and GARC, the Ministry of Heavy Industries said the vulnerability requires immediate attention.
MUST READ | Switching off e-rickshaw via Chinese app: ‘Prank’ could cost you ₹5 lakh & 3 years in jail
BAT-BMS, an app developed by China’s Shenzhen Grenergy Technology, was allegedly used to shut down moving e-rickshaws in India.
Where is the security gap?
While the app itself is a legitimate tool designed to manage Bluetooth-enabled battery systems, the government said a serious security loophole emerges when low-cost lithium battery packs are deployed with default factory settings, weak passwords, or no Bluetooth authentication at all.
While the Ministry of Electronics and Information Technology (MeitY) has already removed BAT-BMS, Epoch Li-ion, SMART BMS and Lossigy from app stores, removing the apps addresses only the symptom. The government has warned that the underlying vulnerability in these communication interfaces remains.
DON’T MISS | Respite for e-rickshaw drivers, commuters! Apps enabling pranksters to stop vehicles remotely deleted, says MeiTY
The advisory cautioned that recent safety updates do not guarantee absolute immunity from cyber threats.
What has the industry been asked to do?
To safeguard the industry from cyber threats, the government advised SIAM and all testing agencies to take immediate steps. These include urging automakers to audit their battery communication interfaces and eliminate unsecured default settings, weak authentication and unprotected over-the-air pathways.
The industry has been advised to work directly with the Ministry of Road Transport and Highways (MoRTH), MeitY and other key stakeholders to establish stronger and more resilient cyber-safety design protocols at the factory level.
MUST READ | Why e-rickshaws are suddenly stopping on the road? The Chinese BAT-BMS app behind it
What happens next?
MoRTH’s draft notification proposes a phased rollout of these standards starting October 1, 2026. “Manufacturers must begin building systematic Cyber Security Management Systems (CSMS) and Software Update Management Systems (SUMS) now. This includes securing over-the-air (OTA) updates, implementing robust user authentication and validating software integrity,” the advisory noted.
The government has also asked the industry to report any vulnerability or related information immediately.
e-rickshaw shutdown app, BAT-BMS app, what is the app that can shut down e-rickshaw, chinese e-rickshaw shutdown app, BAT=-BMS chinese app#Explainer #Chinese #app #erickshaw #shutdowns #govt #planning #plug #Indias #cyber #scare1783581298












