E-rickshaw Bluetooth security flaw: govt deletes two apps including BAT-BMS
Viral videos showing people using mobile phones to remotely stop moving e-rickshaws without the driver’s knowledge have drawn attention to a security flaw in some Bluetooth-enabled battery packs used in low-cost e-rickshaws. The videos, widely shared on social media, show people stopping e-rickshaws, often as a prank or in retaliation over alleged poor driving.
The vehicles are not being hacked through malicious software. Instead, the incidents point to a security weakness in certain Bluetooth-enabled battery packs. The BAT-BMS app, developed by Chinese company Shenzhen Grenergy Technology, is a battery monitoring application designed for Bluetooth-enabled lithium batteries. It lets users check charge, voltage, temperature and cell health, and includes a discharge control function that can switch a battery’s power output on or off. The issue arises because some Battery Management Systems installed in low-cost lithium battery packs do not have password protection enabled. If the battery is left unsecured, anyone within Bluetooth range of around 10 to 15 metres can connect to it and disable its discharge function, cutting power to the vehicle.
The videos have raised safety concerns, since an e-rickshaw carrying passengers could stop unexpectedly on the road, increasing the risk of traffic disruption or collisions. Within days of the videos going viral, MeitY Secretary S Krishnan said on Friday, July 3, that India has deleted two apps relating to e-rickshaws being stopped remotely, and that the government will take up the issue with app stores.
The problem appears largely limited to e-rickshaws using inexpensive Bluetooth-enabled battery packs without password protection. Electric scooters, motorcycles and cars sold by established manufacturers use more secure battery management systems that require authenticated access through authorised applications and encrypted communication, and cannot be accessed simply by downloading the BAT-BMS app. The app itself is not designed to control moving vehicles and is commonly used to monitor batteries in applications such as solar energy storage and marine systems.
For drivers whose e-rickshaws stop because the discharge function has been switched off, power can usually be restored by turning the battery’s main circuit breaker off, switching it back on after a few seconds, and then cycling the ignition. If the problem persists, drivers can reconnect to their own battery through the BAT-BMS app and enable both the charge and discharge functions. Battery technicians have also recommended changing the default password on Bluetooth-enabled Battery Management Systems wherever possible, since this prevents unauthorised users from connecting to the battery.