E-Rickshaw ‘Hack’ Exposes Cybersecurity Gaps in India’s EV Ecosystem
Ecosystem
Leave a Comment / Cybersecurity, Data Protection, Enterprise Technology, Industry News / By cxojunction
India’s electric mobility ecosystem is facing a growing cybersecurity challenge after vulnerabilities in battery management system reportedly allowed e-rickshaws to be remotely disabled. Experts say the incident is not the result of a sophisticated cyberattack but a consequence of insecure system design, exposing critical security gaps in connected electric vehicles.

The vulnerability is linked to Bluetooth-enabled Battery Management System (BMS) used in many low-cost e-rickshaws. Without proper authentication, encryption, or access controls, unauthorized users within Bluetooth range can potentially connect to the system and interfere with vehicle operations. Experts emphasize that the weakness lies in insecure BMS architecture rather than the battery management applications themselves.
Applications such as BAT-BMS, Lossigy, and Epoch Li-ion are legitimate tools designed to monitor lithium-ion battery performance, including charge levels, voltage, temperature, and battery health. However, when integrated with poorly secured BMS units, they can unintentionally expose connected vehicles to misuse. The incident highlights the need for manufacturers to adopt secure-by-design principles while developing connected EV technologies.
The impact extends beyond cybersecurity. Reports of e-rickshaws shutting down unexpectedly in traffic have raised concerns over passenger safety, driver livelihoods, and public confidence in electric mobility. The incident has also highlighted challenges related to imported electronic components, supply chain transparency, and the lack of standardized cybersecurity validation for connected vehicle systems.
Although the government’s decision to remove the affected battery management apps from app stores is an important immediate response, experts believe it addresses only part of the problem. They recommend stronger cybersecurity regulations, mandatory certification for connected vehicle components, stricter oversight of digital platforms, enforcement of existing data protection laws, and improved security measures such as stronger authentication, encrypted communication, digitally signed firmware, and regular software updates.
The incident serves as an important wake-up call for India’s rapidly expanding EV ecosystem. As connected mobility continues to grow, embedding cybersecurity into every stage of vehicle design will be critical to protecting public safety, strengthening consumer trust, and building a resilient electric mobility infrastructure capable of supporting the country’s long-term digital and transportation ambitions.
CXO Junction remains dedicated to providing you with exclusive insights into transformative leadership journeys. Stay tuned for more updates as we continue to bring industry news to you.
Source: E-Rickshaw ‘Hack’ Exposes India’s EV Cybersecurity Blind Spot | Indian Masterminds | https://indianmasterminds.com/feature-stories-on-bureaucrats-changemakers/indian-ev-cybersecurity-risks-battery-management-system-215178/
