Xiaomi respects and complies with relevant industry standards, laws and regulations. We fully demonstrate the compliance of our practices through regular self-assessment, third-party audits and certifications.
Certifications and White Papers
Our practice has been rigorously tested and is worth the trust of users.All
Smartphone
IoT
Certifications
ISO/IEC 27001 has developed into the most authoritative, rigorous, and most widely accepted information security management standard in the world. The certification presents that Xiaomi has met the requirements of international standards and fulfilled our commitment to users, which puts Xiaomi in a leading position in the information security management area.
Certification No.
IS 718032
Scope:
Beijing Xiaomi Mobile Software Co., Ltd.
The provision of IT operation & maintenance services (including network operation, database operation, application operation, ERP and its components), Cloud Computing services (including Storage and Database, Data Processing and Analysis, Elastic Computing), Data services (including Data Statistics, Data Analytics and Visualization, User Portrait) for Xiaomi Group.
This is in accordance with the Statement of Applicability version 1.4 issued on 24th April 2023.
Registration Address: #018, 8th Floor, Building 6, No. 33 Xi'erqi Middle Road, Haidian District, Beijing, China.
Certification No.
IS 796757
Scope:
XIAOMI Technologies Singapore PTE. LTD.
The provision of cloud operation & maintenance services (including network operation, database operation, servers operation), data operation and maintenance (including data statistics, data analysis and visualization) and business operation (including business system operation, IT support, physical environment and human resources) services for Xiaomi International Business. The provision of the following systems maintenance services for external clients:
1) E-commerce retail and related order, warehousing, logistics, customer service, and after-sales service;
2) Xiaomi Mobile Phone MIUI application products (including MiCloud, Gallery, Security Center, Browser, Video International, Music, Game Center International, GetApps and MIUI basic applications);
3) Xiaomi IoT platform and Mi Home app, Mi Fitness app.
This is in accordance with the Statement of Applicability version 1.1 issued on 24th Aug 2023.
Registration Address: XIAOMI Technologies Singapore PTE. LTD.1, Fusionopolis Link,#04-02/03, Nexus @ one-North, Singapore 138542.
Certification No.
I-ISMS202011003, I-ISMS202011002
Scope:
Xiaomi Technology India Private Limited
Mi Pay Application & its Related Infrastructure including Supporting Functions, Legal, HR, Administration & Commercials Department and Mi Credit Application & its Related Infrastructure including Supporting Functions Legal, HR, Administration & Commercials Department
ISO/IEC 27018 is the first international code of conduct focusing on the protection of personal information in the cloud. This certification indicates that Xiaomi has effectively established a cloud data security and privacy management system to protect the users' data stored in the cloud.
Certification No.
PII 796759
Scope:
XIAOMI Technologies Singapore PTE. LTD.
The provision of cloud operation & maintenance services (including network operation, database operation, servers operation), data operation and maintenance (including data statistics, data analysis and visualization) and business operation (including business system operation, IT support, physical environment and human resources) services for Xiaomi International Business.
The provision of the maintenance services of Xiaomi Mobile Phone MIUI application products, including MiCloud, Gallery, Security Center, Browser, Video International, Music, Game Center International, GetAppsand MIUI basic applications for external clients.
This is in accordance with the Statement of Applicability version 1.1 issued on 24th Aug 2023.
Registration Address: XIAOMI Technologies Singapore PTE. LTD.1, Fusionopolis Link,#04-02/03, Nexus @ one-North, Singapore 138542.
ISO/IEC 27701:2019 is the latest international standard designed solely for privacy protection. It effectively integrates privacy protection practices into the information security management system. This certification proves that Xiaomi has satisfied the strict requirements of privacy protection.
Certification No.
PM 796758
Scope:
XIAOMI Technologies Singapore PTE. LTD.
The provision of global (except Mainland China) maintenance services of Xiaomi IoT platform and Mi Home app, Mi Fitness app, Mi Store including its supporting order, warehousing,logistics, after-sales system.
This is in accordance with the Statement of Applicability version 1.1 issued on 24th Aug 2023.
Registration Address: XIAOMI Technologies Singapore PTE. LTD.1, Fusionopolis Link,#04-02/03, Nexus @ one-North, Singapore 138542.
SOC 2 compliance certification is an independent audit recognized globally for its rigor in reviewing organizations’ systems and controls. Xiaomi complies with SOC 2 standards with zero exceptions in the criteria of security, privacy, and confidentiality, which is the highest security measure set by the organization, which also means providing customers with third-party verification of Xiaomi's commitment to data protection and security.
Scope:
Xiaomi Technologies Singapore Pte. Ltd.
MIUI Operating System Services, including MiCloud, Gallery, Security Center, Browser, Video International, Music, Game Center International, GetApps and MIUI basic applications. Xiaomi Technologies Singapore Pte. Ltd.
Xiaomi Internet-of-Things (IoT) Platform Services, including Mi Home, Mi Fitness, Mi Smart Band,Mi Watch, Mi Robot, Mi Scooter, Mi Router and Mi Camera.
IT PRODUCT CERTIFICATE OF INFORMATION SECURITY is based on GB/T 18336-2015 (Information technology—Security techniques—Evaluation criteria IT security) and CCRC-EAL-TR-052-2023 (Security technical requirements trusted execution environment OS on smart terminals). MiTEE OS, as a core component of Xiaomi SmartPhone security, has obtained the first domestic EAL5+ certificate of the highest security level issued by the China Cybersecurity Review Technology and Certification Center (CCRC), which proves that MiTEE OS has the industry-leading ability to guarantee information security.
Certification No.
CCRC-2023-VP-1189
Scope:
MiTEE OS 2.0
MIUI 12 is the world's first mobile system that has passed the TÜV Rheinland Android system enhanced privacy protection test, which fully proves that MIUI 12 has in-depth and complete security and privacy protection capabilities in the fields of app permission management, private information sharing, malicious behavior detection and interception, etc.
Certification No.
60364256 001
Scope:
Xiaomi Communications Co., Ltd.
According to the test result of privacy protection features, TÜV Rheinland has reached a conclusion that MIUI is providing usres with higher disposal rights, convinience, and guidance regarding privacy. We conclude that MIUI has reached adequate privacy protection level according to the requirement.
UL is an internationally renowned certification institution in the United States. Its IoT security rating certification service has been fully recognized by the National Institute of standards and Technology (NIST). Xiaomi Electric Scooter 4 Pro conform to the requirements of UL MCV 1376 security standard. Obtaining UL IoT Security Rating Level 3 (Gold) certification means that the product meets the requirements of American IoT safety regulations and the recommendations in the global IoT security standards.
Certification No.
V184868
Scope:
Xiaomi Communications Co., Ltd.
Xiaomi Electric Scooter 4 Pro
White Papers
This document provides detailed information about security design in Xiaomi HyperOS / MIUI.
2024 First Release
HyperOS Security White Paper
2023 First Released
MIUI 14 Security White Paper
2022 First Released
MIUI 13 Security White Paper
2021 First Released
MIUI 12 Security White Paper
2020 First Released
MIUI 12 Security and Privacy White Paper (Simplified Chinese)
This document provides detailed information about the data collection and usage in Xiaomi HyperOS / MIUI.
2024 First Release
HyperOS Privacy White Paper
2023 First Released
MIUI 14 Privacy White Paper
2022 First Released
MIUI 13 Privacy White Paper
This document provides detailed information about the data collection and usage regarding Xiaomi IoT devices.
2023 First Released
Xiaomi IoT Privacy White Paper
This document is released by Xiaomi, and applies to the consumer IoT devices, which has been practiced in Xiaomi and its eco partners.
2023 Newly Updated (2021 First Released, 2022 Updated)
Xiaomi IoT Security Baseline
This document provides detailed information about security and privacy design in AI technology of Xiaomi.
2021 First Released
Xiaomi Trustworthy AI White Paper
