Government Responds After Viral Videos Raise Safety Concerns
The Ministry of Electronics and Information Technology (MeitY) has directed Google and Apple to remove several e-rickshaw battery management apps after reports linked them to a serious Bluetooth BMS vulnerability. The move follows a series of viral videos showing some e-rickshaws stopping suddenly on busy roads. As a result, road safety concerns quickly spread across the country.
According to government officials, investigators are examining whether these applications allowed unauthorized users to remotely disable compatible lithium-ion batteries. Meanwhile, authorities have also started reviewing similar software that could pose comparable risks.
Why Were E-Rickshaws Suddenly Shutting Down?

Featured image illustrating the reported Bluetooth BMS vulnerability that allegedly allowed some e-rickshaws to shut down remotely, prompting MeitY to direct Google and Apple to review and remove certain battery management apps.
Many drivers reported that their vehicles stopped without warning. Initially, they suspected mechanical failures. However, technicians found no problems with the motor, brakes, or electrical wiring.
Instead, investigators focused on the Battery Management System (BMS) inside the lithium-ion battery. The BMS communicates with mobile apps through Bluetooth and helps users monitor battery voltage, charging status, temperature, and battery health.
Unfortunately, some systems continued using factory-default Bluetooth passwords. Consequently, unauthorized users could connect to the battery with compatible software. They could then activate the Disable Discharge function, which immediately stopped power from reaching the vehicle.
Because several people recorded these demonstrations, the videos spread rapidly across social media.
E-Rickshaw Bluetooth Security Vulnerability Explained
Experts believe the problem does not affect the vehicle itself. Instead, the issue appears to involve the battery’s Bluetooth communication.
Many modern lithium-ion batteries include Bluetooth-enabled Battery Management Systems for maintenance purposes. These systems allow technicians to monitor battery performance through dedicated smartphone applications.
However, weak security settings created a potential entry point. If users never changed the default Bluetooth password, unauthorized individuals could gain access.
Therefore, cybersecurity experts describe the issue as a Bluetooth BMS vulnerability rather than a fault in the e-rickshaw’s motor or electronics.
Which E-Rickshaw Battery Management Apps Are Under Investigation?
According to reports, the government notice mentions several e-rickshaw battery management apps, including:
- BAT-BMS
- SMART BMS
- Epoch Li-ion
- Lossigy
Officials say they are investigating whether these applications were misused through unsecured Bluetooth connections. At the same time, authorities are checking if similar vulnerabilities exist in other Battery Management System applications.
The investigation remains ongoing, and officials have not announced any final conclusions.
MeitY Orders Google and Apple to Remove BMS Apps
Following the investigation, MeitY issued notices asking Google Play Store and Apple App Store to review and remove the identified applications.
According to MeitY Secretary S. Krishnan, digital platforms have a responsibility to remove software that could threaten public safety.
In addition, the Delhi government has launched a separate inquiry into the reported incidents. Officials will review technical evidence before deciding whether further action is necessary.
Which Vehicles Face This Security Risk?

Importantly, not every electric vehicle is vulnerable.
The reported issue mainly affects e-rickshaws using Bluetooth-enabled lithium-ion batteries with compatible Battery Management System applications.
Older vehicles powered by lead-acid or dry batteries do not use Bluetooth communication. Therefore, they are not affected by this specific security issue.
Experts also emphasize that the vulnerability exists in the battery management software rather than the vehicle itself.
How to Secure a Lithium-Ion Battery BMS
Cybersecurity specialists recommend taking several simple precautions.
First, change the factory-default Bluetooth password immediately.
Next, install firmware updates whenever the battery manufacturer releases them.
In addition, disable Bluetooth when it is not needed.
Drivers should also install only official Battery Management System applications from trusted sources.
Finally, contact the battery manufacturer if the default security settings remain unchanged.
These simple steps can significantly improve EV battery security.
Why This Matters for India’s EV Industry
India’s electric mobility market continues to expand rapidly. Millions of people now depend on electric vehicles for daily transportation and income.
Therefore, cybersecurity has become just as important as battery performance.
Industry experts believe manufacturers should introduce stronger authentication, encrypted Bluetooth communication, and unique passwords for every Battery Management System.
Furthermore, regulators may introduce stricter electric vehicle cybersecurity standards after completing the investigation.
Timeline of Events
Viral videos emerge
Drivers report e-rickshaws shutting down unexpectedly.
Technical investigation begins
Experts identify a possible Bluetooth BMS vulnerability.
MeitY issues notices
Google and Apple receive directions regarding the listed applications.
Delhi government launches probe
Officials begin a separate investigation.
Current status
Authorities continue examining affected Battery Management System software.
What Happens Next?
Officials are expected to introduce stronger cybersecurity rules for Bluetooth-enabled battery systems.
Future regulations may require:
- Unique Bluetooth passwords
- Secure authentication
- Encrypted communication
- Stronger firmware protection
- Better software testing
Meanwhile, investigators will continue reviewing technical evidence.
If authorities identify additional vulnerabilities, they may expand the investigation to include more battery manufacturers and software developers.
Conclusion
The government’s action against several e-rickshaw battery management apps marks an important step toward improving EV battery security in India.
Although investigators have not released their final findings, the reported Bluetooth BMS vulnerability has highlighted the growing importance of electric vehicle cybersecurity.
Until then, drivers should change their default Bluetooth passwords, install software updates, and use only trusted Battery Management System applications. These simple precautions can greatly reduce the risk of unauthorized access while authorities complete their investigation.
Frequently Asked Questions
Why did MeitY issue notices to Google and Apple?
MeitY asked both companies to review and remove certain e-rickshaw battery management apps after reports linked them to a Bluetooth security vulnerability.
Which apps are under investigation?
Authorities are reviewing BAT-BMS, SMART BMS, Epoch Li-ion, and Lossigy.
Are all e-rickshaws affected?
No. The reported vulnerability mainly affects vehicles using Bluetooth-enabled lithium-ion Battery Management Systems.
How can drivers protect their vehicles?
Drivers should change the default Bluetooth password, install firmware updates, disable Bluetooth when not required, and use only official Battery Management System apps.
Is the investigation complete?
No. Authorities are still examining the reported security issue. Officials will announce further action after completing the investigation.