IoT Privacy White Paper - Xiaomi

6. Security and Privacy Certifications



Xiaomi has been widely recognized by global third-party agencies in the field of information security and privacy protection. The authoritative information security and privacy certifications we obtained are the best embodiment of our leading position.

6.1 ISO/IEC 27001:2013 Certification

ISO/IEC 27001 has developed into the most authoritative, rigorous, and widely accepted information security management standard in the world. The certification demonstrates that Xiaomi has met the requirements of international standards and fulfilled our commitment to users, which puts Xiaomi in a leading position in the information security management area.

6.2 ISO/IEC 27701:2019 Certification

ISO/IEC 27701:2019 is the latest international standard designed solely for privacy protection. It effectively integrates privacy protection practices into the information security management system. This certification proves that Xiaomi has satisfied the strict requirements of privacy protection.

Xiaomi is also a corporate member of the IoT Security Foundation ("IoTSF"). We implement the security assessment framework of IoTSF in our practices, and have built our internal IoT security and privacy management system and testing cases in accordance with IoTSF principles.

6.3 BSI IoT Kitemark™

The Kitemark™ is a product and service quality trademark which is owned and operated by BSI. It conducts technical testing and security audits for IoT systems based on the ETSI EN 303 645 standard, providing consumers with a fast and simple way to identify secure and trustworthy IoT devices. Obtaining the Kitemark™ certification means that Xiaomi products are in compliance with the best security practices, including ETSI EN 303 645, the OWASP Top 10 Security Requirements, etc.

6.4 TÜV Rheinland Cybersecurity and Privacy Protection Standard Certificate

The TÜV Rheinland Cybersecurity and Privacy Protection Standard Certificate is owned and issued by TÜV Rheinland, and it is a symbol of product security and quality. It conducts technical testing and security audits for IoT systems based on the ETSI EN 303 645 standard, providing consumers with a fast and simple way to identify secure and trustworthy IoT devices. Obtaining the certificate means that Xiaomi products are in compliance with the best security practices, including the ETSI EN 303 645 standard.



You can learn more about our security and privacy certifications in the Xiaomi Trust Center.