BAT-BMS App Misuse Raises Security Concerns for Electric Three-Wheelers

0
8

New Delhi, July 1: Viral videos showing electric rickshaws being switched off using the BAT-BMS smartphone application have raised fresh concerns over the cybersecurity of battery-powered three-wheelers in India. However, experts clarify that the issue is linked to weak battery security rather than sophisticated hacking.

The BAT-BMS app, developed by Shenzhen Grenergy Technology, is a legitimate Battery Management System (BMS) application designed to monitor Bluetooth-enabled lithium batteries. It allows users to check battery status, voltage, temperature, charging cycles and, on compatible batteries, control charging and discharging functions.

The problem arises because some low-cost lithium battery packs used in e-rickshaws reportedly feature Bluetooth-enabled BMS units with little or no password protection. Anyone within a Bluetooth range of approximately 10–15 metres may be able to connect to such batteries and disable the discharge function, causing the vehicle to stop immediately.

Watch Video:

Experts emphasise that not all electric three-wheelers are vulnerable. The app works only with compatible Bluetooth-enabled lithium batteries. Vehicles using lead-acid batteries or proprietary battery management systems remain unaffected. Claims that the app can remotely stop every e-rickshaw are therefore misleading.

The incident has highlighted the need for stronger cybersecurity measures in connected electric vehicles. Industry experts recommend better authentication, encryption and secure Bluetooth pairing to prevent unauthorised access to battery systems. Battery owners are also advised to enable password protection wherever available.

Meanwhile, the BAT-BMS application is reportedly no longer available on Apple’s App Store, although it continues to be listed on the Google Play Store.