The Ministry of Electronics and Information Technology has reportedly directed Google and Apple to block seven mobile applications allegedly being misused to remotely interfere with e-rickshaw Battery Management Systems.
The action follows concerns that certain diagnostic apps were being exploited to lock or disable lithium-ion battery packs used in local e-rickshaw fleets, causing sudden vehicle shutdowns and affecting drivers’ daily earnings.
Apps Allegedly Exploited Bluetooth-Based BMS Weaknesses
According to investigative findings, the affected apps were originally designed to monitor battery health parameters such as voltage, temperature, current flow and cell performance.
However, authorities found that weak Bluetooth authentication in certain Battery Management Systems allowed external devices to connect without strong password protection or encrypted verification.
Once connected, rogue users could allegedly send shutdown or lock commands to the battery system, disrupting the vehicle’s power supply.
Sudden Battery Lockouts Created Safety Risks
Officials are concerned that remote battery shutdowns could create serious risks for passengers and drivers.
If an e-rickshaw stops unexpectedly during a trip, it may endanger passengers, disrupt traffic and affect the livelihood of drivers who depend on daily operations.
The issue has raised wider concerns over the cybersecurity of connected electric mobility infrastructure in India.
Seven Apps Under Blocking Action
While the complete official list remains under review, reports mention apps such as:
- BAT-BMS
- SMART BMS
- LOSSIGY
- Epoch Li-ion
Authorities are examining whether these applications contained intentional malicious features or whether they were misused because of weak security controls in the battery hardware itself.
MeitY Pushes Platform Accountability
MeitY has reportedly emphasised that app marketplace operators must act against software that can threaten public safety or disrupt connected transport systems.
The ministry is also reviewing whether diagnostic and utility apps linked to public mobility infrastructure should undergo stricter checks before being made available to users.
Hardware Security Standards May Be Tightened
The incident has prompted a broader review of electric vehicle battery safety and cybersecurity standards.
Authorities are examining whether some imported or unbranded lithium battery packs entered the market without adequate cybersecurity testing.
Future rules may require stronger protections such as:
- Encrypted Bluetooth communication
- Mandatory password protection
- Secure device pairing
- Firmware-level access restrictions
- Multi-factor authorisation for critical battery controls
Independent auditing services in india can help EV manufacturers, fleet operators and battery suppliers assess cybersecurity controls, verify compliance and identify vulnerabilities before they affect public safety.
Conclusion
The reported MeitY action marks an important step in recognising that vehicle cybersecurity is now part of road safety.
As India’s electric mobility ecosystem expands, battery systems, diagnostic apps and connected vehicle components must be secured against misuse. For drivers and fleet operators, any unexplained battery lockout should be reported to authorised service centres and relevant authorities immediately.
Shunyatax Global Insight
Connected mobility brings efficiency, but it also creates new cyber risks. When battery systems, Bluetooth interfaces and mobile apps are weakly secured, even small vulnerabilities can disrupt public transport and driver income.
Shunyatax Global believes EV companies, battery manufacturers and fleet operators should conduct regular cybersecurity testing, firmware reviews, access-control checks and independent auditing services in india. Strong technical governance can help prevent unsafe battery lockouts, protect commuters and build trust in India’s electric mobility ecosystem.