Xiaomi Corporation is a Chinese multinational electronics company founded in April 2010 and headquartered in Beijing. Xiaomi makes and invests in smartphones, mobile apps, laptops, home appliances, consumer electronics, and many other products.Xiaomi has the world leading consumer IoT platform – Mi Home. Mi Home has connected more than 526.9 million smart devices till June 30, 2022 and the MIUI system have more than 547.0 million MAU.
Xiaomi IoT has a vast variety of products, including security category devices, smart home devices, wearable devices, entertainment devices, transportations, etc. You could find more products information in Mi Global.
Xiaomi has established the Vulnerability Disclosure Program which includes Recipient, Verification, Solution Development, Affected Scope Confirmation and Release SA. It’s an important process that could ensure the vulnerabilities of Xiaomi products will be disclosed accurately and immediately. Security researchers, industry organizations, government agencies and vendors could proactively contact our MISRC ([email protected]) or join open program on Hackerone to report potential product security vulnerabilities.
Xiaomi published the Trust Center to show our efforts and achievements on Security, Privacy, Compliance and Transparency.
For Security, we published the Cyber Security Baseline for Consumer IoT Device Security Baseline for Consumer Internet of Things Device.pdf) in Nov 2020. Based on the operation of the baseline since its release, we’ve adjusted the baseline content and released version 2.0 by combining the results of numerous product security tests, actual business departments’ feedback and industry security research analysis. This baseline is intended to help domestic IoT manufacturers have an open, convenient and practicable security guide when designing and developing consumer IoT products.
For Privacy, Xiaomi also published the IoT Privacy White Paper in June 2021. While Xiaomi never stops on the road of user privacy protection. Our products and services are also being explored and upgraded in various ways to better protect the privacy and security of our users.
According to the changes, we’ve updated our IoT Privacy White Paper this year. It mainly introduces the data collection and usage for 5 main types of IoT Products and 2 connected mobile applications. The international data transfer, privacy governance and privacy principles, security and privacy certifications, etc., are also included.
For Compliance, we’ve got some Global Certifications like ISO 27001, ISO 27701, TRUSTe Certification, etc. In July 2021, we got BSI Kitemark Certification which is conducted ETSI EN 303645 Standard on our Camera and Mi Home app. This year we got TÜV Rheinland Cybersecurity and Privacy Protection Standard Certificate on our Robot Vacuum, UL IoT Security Rating level3 (Gold) Certificate on our Scooter which are also conducted ETSI EN303645 Standard for test and audit. For more details, please visit our Trust Center – Compliance.
Our practice has been rigorously tested and is worth the trust of users.