Apple India forced to remove risk-to-e-rickshaws apps

India’s government has told Apple and Google to remove three battery monitoring apps from their App Stores, even as it launches a national cybersecurity probe.
The app removal demand followed complaints from rickshaw drivers across multiple states and growing worries regarding the security of Bluetooth-enabled battery management systems used in such vehicles.
The apps allegedly had been abused to stop e-rickshaws dead in their tracks. The US firms have also been urged to police app stores more strictly in future.
Bluetooth battery management apps – a new attack vector
The BAT-BMS, Lossigy, and Epoch-i-ion apps were removed after videos on social media claimed these were used to remotely disable battery-powered e-rickshaws.
Removal was ordered by MeitY (Ministry of Electronics and IT), and Secretary S Krishnan, speaking at the CII Cybersecurity Summit.
Manufacturers, dealers and service technicians use the app to monitor battery performance, check charging status, diagnose faults and configure battery settings. The disable feature was intended to be a safety feature, rather than a kill switch.
Please subscribe to The Core for your daily collection of human-curated Apple News.
The problem is that many low-cost e-rickshaw batteries ship with no password/authentication, so anyone within roughly 10–15 metres of Bluetooth range can pair with an unsecured battery and cut power. Older lead-acid battery models and some proprietary lithium systems aren’t vulnerable.
However, pranksters had begun using these apps to remotely switch off rickshaw batteries while the vehicles were in transit, sometimes with dangerous effects or with demands for cash to enable the vehicles again.
Drivers reported losing days of income while they tried to get things working again, The government also asked app stores to exercise stricter scrutiny before distributing similar apps.
Government and law enforcement agencies are continuing their investigations.
