Why e-rickshaws stopped mid-ride: The tech behind the chaos
If you're looking for a subtle, non-artistic illustration of how one person's misery can become another person's amusement, look no further than what unfolded on Indian X (formerly Twitter) and other social media platforms at large over the past few days. E-rickshaws, often viewed as cheap and, although not solely responsible for traffic jams, frequently blamed for them, found themselves at the centre of a strange spectacle. A random individual using some app was remotely switching off running e-rickshaws, leaving drivers stranded in the middle of their journeys.
The videos that followed became a source of chaotic amusement online. Many found the scenes hilarious, sharing memes and jokes while paying little attention to what the e-rickshaw drivers themselves might have been going through. What appeared as harmless fun for viewers was, for those drivers, confusion, disruption and, potentially, a loss of income.
India Today's Open Source Intelligence (OSINT) team attempted to understand how the battery management system functions and how vulnerabilities, if any, may exist within the broader BMS ecosystem. The team also spoke with several e-rickshaw drivers to understand the problems they have faced since this newly "invented" misery emerged.
The issue stemmed from three immediate gaps: a Bluetooth-enabled Battery Management System (BMS) that allowed remote control functions and the "BAT-BMS" mobile utility application, developed by Shenzhen Grenergy Technology Co., Ltd., a China-based company, that exposed these controls without adequate authentication. However, the episode also revealed a deeper problem. Almost none of the e-rickshaw drivers were aware of the password protection system embedded within the BMS.
Several drivers claimed that sellers had never informed them about these features, pointing both to a lack of disclosure at the point of sale and a wider lack of awareness among drivers about the technology powering their vehicles.
While talking to India Today, one of the major e-rickshaw battery manufacturers said that "earlier systems did not have any password protection and were open to connect with." However, the manufacturer added that "updated versions now come with password protection features."
"Drivers generally do not have much use for the BMS and mostly need it to check the battery percentage. Therefore, we do not usually share the IDs and passwords with them," the dealer added.
THE TECHNOLOGY BEHIND THE CHAOS
Image caption: BAT BMS application has now enabled password security
Modern lithium batteries used in several e-rickshaws are equipped with a Battery Management System (BMS), an electronic circuit that continuously monitors the battery's voltage, temperature, current flow and charging status. In many cases, the BMS is also fitted with a Bluetooth Low Energy (BLE) module, allowing drivers, dealers or battery manufacturers to monitor battery health through a mobile application.
Once a smartphone comes within Bluetooth range, typically a few metres, the application can discover the battery, establish a connection and read data such as charge level, voltage, temperature and battery condition. In certain battery systems, the app is also given control functions, including the ability to enable or disable the battery's discharge circuit through switches inside the BMS. When this discharge path is turned off, power flow to the motor controller stops, causing the e-rickshaw to shut down. The functionality itself is designed for legitimate purposes such as maintenance, diagnostics, theft prevention and battery protection, but if access controls are weak or absent, the same feature can be misused by unauthorised users within Bluetooth range.
While India Today's OSINT team could not independently verify the security configuration of the affected batteries, the US cybersecurity and standards agency under the Department of Commerce, in its Guide to Bluetooth Security (Special Publication 800-121 Revision 1), cautions that Bluetooth implementations lacking authentication and encryption safeguards can be vulnerable to unauthorised access.
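The access-control gap described above, sketched from the BMS side as an added example (not code from India Today, the BAT-BMS app or any battery vendor): battery readings stay readable, while the discharge switch accepts commands only after the connected phone has authenticated. The opcodes, result codes, six-byte PIN and three-attempt lockout are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical opcodes and result codes, constructed for this example;
   they are not taken from any real BMS protocol. */
enum { OP_READ_STATUS = 0x01, OP_AUTH = 0x02, OP_SET_DISCHARGE = 0x03 };
enum { RES_OK = 0, RES_DENIED = 1, RES_LOCKED = 2, RES_BAD = 3 };
#define PIN_LEN 6      /* assumed secret length */
#define MAX_FAILS 3    /* assumed limit on wrong guesses */

typedef struct {
    uint8_t pin[PIN_LEN];  /* per-unit secret set at provisioning */
    bool authed;           /* valid for the current BLE connection only */
    unsigned fails;        /* wrong guesses since the last success */
    bool discharge_on;     /* state of the discharge switch */
} bms_t;

/* Compare without an early exit so timing does not reveal matching bytes. */
static bool pin_equal(const uint8_t *a, const uint8_t *b) {
    uint8_t diff = 0;
    for (size_t i = 0; i < PIN_LEN; i++) diff |= a[i] ^ b[i];
    return diff == 0;
}

/* Call on every connect and disconnect: authorisation never outlives a session. */
void bms_on_connect(bms_t *b) { b->authed = false; }

/* Handle one write from the app: msg[0] is the opcode, the rest is payload. */
int bms_handle(bms_t *b, const uint8_t *msg, size_t len) {
    if (len < 1) return RES_BAD;
    switch (msg[0]) {
    case OP_READ_STATUS:              /* telemetry stays open to the app */
        return len == 1 ? RES_OK : RES_BAD;
    case OP_AUTH:
        if (b->fails >= MAX_FAILS) return RES_LOCKED;  /* stop guessing; reset not modelled */
        if (len != 1 + PIN_LEN) return RES_BAD;
        if (!pin_equal(b->pin, msg + 1)) { b->fails++; return RES_DENIED; }
        b->fails = 0;
        b->authed = true;
        return RES_OK;
    case OP_SET_DISCHARGE:            /* control path: authenticated sessions only */
        if (len != 2 || msg[1] > 1) return RES_BAD;
        if (!b->authed) return RES_DENIED;
        b->discharge_on = (msg[1] == 1);
        return RES_OK;
    default:
        return RES_BAD;
    }
}
```

In a fielded design the lockout would need a recovery path, such as a physical reset or a timed back-off, so that wrong guesses from a stranger cannot permanently block the owner's app.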
