MIUI 13 Security White Paper - Xiaomi

6.1 Certifications

Xiaomi's globally recognized information security and privacy certifications demonstrate our leadership and dedication to maintaining internationally recognized security and privacy standards.

The following is a partial list of our information security and data privacy certifications:

6.1.1 ISO/IEC 27001:2013 Certification

The ISO/IEC 27001 standard has become the widely accepted and rigorous information security management standard in the world. This certification presents that Xiaomi has fulfilled its commitment to users by meeting international standards requirements.

6.1.2 ISO/IEC 27018:2019 Certification

The ISO/IEC 27018 certification focuses on the protection of personal information in the cloud and is the first international code of conduct for this purpose. This certification confirms that Xiaomi has established an effective cloud data security and privacy management system that protects user data stored in the cloud.

6.1.3 ISO/IEC 27701:2019 Certification

The ISO/IEC 27701:2019 is the latest international standard created specifically for privacy protection, which integrates privacy protection practices into the information security management system. This certification demonstrates that Xiaomi adheres to the best privacy protection practices.

6.1.4 TRUSTe Enterprise Privacy Certification

The TRUSTe certification is a privacy and data governance framework developed by TrustArc, a certification organization focused on privacy protection. This certification indicates that Xiaomi has implemented an internationally recognized privacy compliance management system.

6.1.5 TrustArc GDPR Validation

TrustArc GDPR Validation is a comprehensive assessment of participating companies' privacy management program compliance, developed by TRUSTe LLC. This validation demonstrates that Xiaomi and its third-party processors comply with the relevant requirements of the EU General Data Protection Regulation (GDPR).

6.1.6 ioXt SmartCert

The ioXt Alliance's certification program follows its global standard and evaluates Internet of Things(IoT) products based on its eight ioXt principles, which provide clear guidelines for determining the necessary level of security for a particular IoT product. This certification confirms that the relevant Xiaomi product has met the required level of security.

6.1.7 TÜV Rheinland Privacy Attestation

MIUI is the world's first mobile system to pass the TÜV Rheinland Android System Enhanced Privacy Protection test, which fully proves that MIUI possesses comprehensive security and privacy protection capabilities in app permission management, private information sharing, malicious behaviour detection, interception, and other related fields.

More information is available in the Xiaomi Trust Center.