The App That Can Kill Your Ride: Why India’s E-Rickshaw Network is Facing a Digital Hijack
Explained: The app that can stop an e-rickshaw — and why it has exposed a bigger cybersecurity risk
From rogue software to stranded passengers, a look at how unsecured battery management systems are turning electric mobility into a security liability.
It started as a baffling mystery on the streets of Delhi. An e-rickshaw driver would be navigating heavy traffic when, without a single warning light or mechanical failure, the vehicle simply died. No smoke, no sputter—just a dead stop in the middle of a busy road. Many drivers, assuming a genuine technical fault, spent hours pushing their vehicles to local mechanics, only to be charged for "repairs" that involved little more than a few taps on a smartphone app.
But the reality is far more sinister than a faulty battery. Viral social media clips have exposed a disturbing trend: individuals standing near parked or moving e-rickshaws, using Bluetooth-enabled apps to remotely trigger a "power off" command. This isn't a glitch; it is a forced digital shutdown.
The Crackdown on Rogue Apps
The situation escalated to the point where the Ministry of Electronics and Information Technology (MeitY) had to intervene. Acting on reports of systemic exploitation, the government directed tech giants Google and Apple to pull several applications from their stores, including BAT-BMS, Lossigy, and Epoch i-ion.
For the driver left stranded, the loss of income is immediate. For the authorities, however, the problem is rapidly evolving from a local nuisance into a law-and-order crisis. In cities like Ujjain, police have registered formal cases against miscreants who were not just disabling vehicles for a prank, but were actively extorting money from drivers to "unlock" their battery systems.
Why it Matters: The Cybersecurity Gap
While banning apps provides a temporary fix, the core of the issue is not the software itself, but the hardware it controls. The surge in low-cost electric vehicles has led to a market flooded with poorly secured battery management systems. These systems often utilize standard, unencrypted Bluetooth protocols that allow any nearby device to pair with the vehicle’s controller.
This creates a massive cybersecurity vulnerability. When we push for rapid electrification, the focus often remains on range and cost, leaving digital security as an afterthought. If a simple app can shut down a public transport vehicle, it raises an uncomfortable question: how safe is our connected transport infrastructure?
The current probes by the Delhi transport department and the central government signal a shift in how India perceives electric mobility. It is no longer just about green energy; it is about the security of the grid and the safety of the commuter. Moving forward, the industry will likely face stricter compliance norms. Manufacturers can no longer ignore the digital gates they are installing in their vehicles, and the government’s move to blacklist specific apps is likely just the first step in a broader regulatory overhaul of the EV ecosystem.
Ananya Iyer covers global affairs with an Indian lens for PoliticalPedia.