2.5 Device Control
2.5.1 Find Device
MIUI provides users with the Find Device feature that assists users in locating lost mobile phones while protecting the data security of the phone. This feature is turned off by default and can be used only when the user enables it manually. Enabling this feature allows users to perform remote operations on their lost device by logging in to Mi Cloud. Users can locate, sound, enable lost mode, or erase data from the lost device.
| Operation | Description |
|---|---|
| Locate | Allows users to obtain the current location of their mobile phone through a network or by SMS commands. The location of the lost device is then visually displayed on a map. |
| Sound | Users can utilize a network or SMS command to make their mobile phone ring as a means of finding their phone if it is nearby. |
| Lost mode | Users can lock their mobile phones through a network or by SMS commands. After being locked, the phone will automatically report its location periodically, while any bank cards linked to Mi Pay will be automatically unlinked. |
| Erase data | Users can reset their mobile phone through a network or by SMS command and can disable data synchronization and unlink any bank cards linked to Mi Pay. |
2.5.2 Mobile Phone lock/Unlock Policies
Enabling the Find Device feature links the mobile phone to the current Mi Account. To protect users' rights, MIUI has implemented various security policies.
| Security Policy | Description |
|---|---|
| Activation locking | Enabling the Find Device feature locks the mobile phone when restoring a Xiaomi smartphone to factory default settings or flashing a Xiaomi smartphone. The phone can only be unlocked using the password of the linked Mi Account. |
| Password reset protection | Enabling the lost mode and remote lock feature prevents unlocking the phone for three days, even if the account password is reset. This allows users of lost phones to replace their SIM cards and regain control over their accounts and phones. |
| Customer service unlocking | If a user forgets their Mi Account password and cannot retrieve it, they can seek help from customer service to unlock the phone. To make an unlock decision, customer service requires the unlocking code on the lock interface or IMEI, proof of purchase such as order number or invoice, and the Mi Account phone number. An unlock application will be rejected if the proof of purchase is incomplete or invalid. |
If a mobile phone is lost, having a screen lock password often results in the need to flash the device. To prevent tampering, MIUI stores the association between the account and the device on its cloud server (some devices write this association status to a special partition that cannot be flashed). When booting, the device must connect to the network and obtain the true association from the server. If the current login account differs from the associated account on the server, MIUI requires the user to switch back to the associated account before using it.
Users of devices with an unlocked BL lock can bypass the phone lock by forcibly flashing a non-MIUI system or an unofficial, tampered MIUI system. However, this kind of ROM cannot perform OTA (Over the Air) and cannot log in to Mi Account normally. When the device flashes back to the official MIUI pack, it will once again be protected by the Find Device feature.
2.5.3 Second Space
MIUI's second space allows users to create a separate and independent space from the original system. This space provides separate encryption protection and complete isolation of users' accounts, applications, and data from the main space. Users can set different passwords to access the main space and the second space, creating a virtual mobile phone experience like having a second device. The independent space allows users to store private files, pictures, and information, and install private applications. Moreover, any operations performed in this independent space will not affect the main space of the mobile phone, making it similar to a "sandbox."
*Note: Mobile phones with a RAM of 4 GB or less will no longer support this function.
2.5.4 Mobile Device Management (MDM)
MIUI provides a device protection function called Mobile Device Management ("MDM") that acts as an interface for managing and operating mobile phone devices. Through the MDM application and API interface provided by MIUI, corporate IT systems can easily control and manage MIUI devices. API calls require authorization to ensure permission control and security.
For applications that guide or provide permissions for the abnormal use of the device manager, the system control policy must be implemented according to the relevant criteria, which include, without limitation, strongly reminding the user to close the application, and prohibiting the application from accessing services or permission interfaces.
For applications that guide or provide permissions through the device manager that may harm user data and device security, the following operations will be rigorously performed: the application will be removed from Xiaomi's GetApps, the application will be prohibited from accessing the relevant service interfaces and the relevant applications will be prohibited from being displayed in the device manager's app list.
*Note: Mobile phones customized by telecom operators do not support this function.