MeitY Probes Chinese App as Viral Pranks Expose India's E-Rickshaw Cybersecurity Flaw

Context mode is active. Hover over any highlighted term to see its definition. Click a nested term to go deeper.
India's Ministry of Electronics and Information Technology (MeitY) has launched a high-stakes probe into the Chinese BAT-BMS app, a critical move after viral videos showcased pranksters remotely disabling moving e-rickshaw, sparking widespread alarm over public safety and cybersecurity in the nation's burgeoning electric vehicle sector. The incident reveals a dangerous vulnerability where basic monitoring software turns into a 'kill switch' for unsecured vehicles. The core of the problem lies not in sophisticated hacking, but in poorly secured Battery Management System (BMS) within many low-cost e-rickshaw lithium batteries, particularly those from Chinese manufacturers, that lack basic password protection or use default open Bluetooth settings. This oversight allows anyone within a 10-15 meter Bluetooth range to connect via the BAT-BMS app, or similar tools like Lossigy, and cut power to the vehicle, leaving drivers stranded in traffic and highlighting deeper gaps in India's connected mobility ecosystem security. Experts are urgently calling for manufacturers to implement 'security-by-design' and for dealers to ensure proper authentication before vehicles hit the road. As MeitY assesses whether to block the app and consider broader regulatory interventions, this incident is accelerating ongoing efforts by the Ministry of Road Transport and Highways (MoRTH) to mandate stringent cybersecurity and software update standards (AIS-189 and AIS-190) for Indian vehicles, with a phased rollout already slated to begin in October 2026. This probe could lead to expedited enforcement and stricter requirements for the rapidly expanding EV market, pushing for stronger authentication and encryption in all connected transport. The BAT-BMS app is reportedly no longer available on Apple's App Store but remains on Google Play Store, intensifying calls for app store accountability.