What is BAT-BMS app that is switching off e-rickshaws on the road? | India News | ACTPnews

Business Standard



Social media is flooding with viral videos showing random users remotely disabling battery rickshaws on roads using a Chinese smartphone app called BAT-BMS.

 


The app, developed by the Chinese company Shenzhen Grenergy Technology, allows users to track and control Bluetooth-enabled lithium batteries, sparking concerns over the cyber-safety of India’s rapidly growing EV ecosystem.

 

The creators, across Instagram, YouTube, Reddit, and X, are filming themselves switching off e-rickshaws and electric scooters, causing the vehicles to stop unexpectedly in the middle of the road.

 


While it remains unclear how widespread the vulnerability is or how many battery models are affected, the clips have raised questions about whether some battery systems lack adequate authentication safeguards.

 
 


Several netizens criticised the use of such remotely operated apps, saying it was unnecessarily troubling the e-rickshaw (Tirri) owners. “Dangerous and unethical,” one user posted on X, commenting on the plight of tirri drivers.

 

The attention has turned to a broader question of vehicle cybersecurity, with electric vehicles becoming increasingly software-driven and connected through Bluetooth-enabled components.

 


What is a Battery Management System?

 


A Battery Management System (BMS) is an electronic control unit that acts as the “brain” of a lithium-ion battery pack. It monitors the battery voltage, temperature, charging and discharging current to ensure safe and efficient operation.

 


Many BMS units allow users to control the battery through Bluetooth via a smartphone app instead of using a dedicated display. The BAT-BMS application is one such utility designed for compatible lithium batteries.

 


According to the company’s website, the app enables users to view battery diagnostics—including charge level, voltage, temperature, cycle life and individual cell status—while also allowing certain battery functions to be managed remotely. The app connects directly to compatible batteries over Bluetooth and is intended for use by battery owners and authorised users.

 


Why do companies install BMS batteries in e-rickshaws?

 


According to Mukesh Gupta, founder of MaxVolt Energy, battery manufacturers install BMS units primarily to monitor battery health, usage patterns and charging behaviour, particularly for financed vehicles.

 


“It’s crucial for the company to monitor batteries, including battery life, and where and how it’s been used. A telematics system helps with this. This system can also be used to shut down the battery,” Gupta told The Lallantop.

 


But can everyone have remote access to the batteries? Gupta says only the company has complete access to the BMS. According to him, only the operator can monitor it. “This means they can access the battery temperature or voltage. But there’s no way to shut it down. Only the company can do that.”

 


Many are then wondering how the Chinese app has been able to remotely control the batteries—a feature that is now being exploited for amusement and views.

 

According to The Print, many e-rickshaws and electric two-wheelers in India use Chinese Battery Management Systems (BMS) with minimal to no security, often with default open Bluetooth settings. Such systems allow smartphone users to manipulate and control vehicles without passwords or authentication, shutting them down. 


Experts weigh in


Experts say the incident should not be dismissed as a viral prank, but viewed as a warning about broader gaps in India’s cybersecurity governance for the connected mobility ecosystem.

 


“When something as critical as a Battery Management System can be accessed through Bluetooth without strong authentication or secure pairing, the concern is not the app alone. The real concern is that safety-critical vehicle systems are becoming connected without enough thought being given to cybersecurity,” says Anurag Singh, CEO, RAH Infotech.

 


The issue is particularly significant for India, where EV adoption is expanding rapidly through a fragmented ecosystem of OEMs, battery suppliers, dealers, retrofitters and imported components, Singh added.

 


According to Kunal Bhogal, COO, IIRIS Consulting, “Every unsecured node becomes an attack surface where a digital flaw turns into a physical safety threat on public roads. Without mandated security-by-design and manufacturer accountability, cheap connected hardware will keep scaling these risks across India’s mobility ecosystem,” he adds.

 


“Security cannot be left to the driver or the end user. It has to be built in at the manufacturer and supplier level through secure default settings, authenticated commands, firmware protection and regular monitoring. In connected mobility, a weak endpoint is not just a technology gap. It can quickly become a public safety risk, says Anurag.

 



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *