Recently, Indian army had alerted the Indian army personnel and their family members to stop the usage of Xiaomi smartphones on security concerns. Xiaomi was accused of storing and backing up unauthorized data on its servers in Beijing. While IAF has blamed the Chinese smartphone company on the grounds of security, Xiaomi in a statement issued today said is yet to learn the specific details from Indian authorities but put forth some pointers to allay the security concerns.
To resolve the privacy concerns Xiaomi stated it is going to set up data centers in India and the data is going to be migrated to Amazon data centers away from its Beijing servers.
The Chinese company which typically sells its devices through flash sales every Tuesday on Flipkart has seen tremendous response from Indian buyers with the sales going out of stock in few seconds.
To address the security and privacy concerns of the Indian buyers, the company stated that it’s Mi Cloud service is optional service and the users are free to opt for the cloud back up service to back up their data and sync to other devices or can choose to use similar other third-party services like Dropbox and Google Drive. Same applies to its cloud messaging services which is similar to WhatsApp. Xiaomi stressed the fact that the user data are not collected without their consent and only the required personal data necessary for the services are stored. The users can any time opt in or out of the service and the company stressed that the data remains secure and is highly encrypted using AES-128 standard and cryptographic one-way hash functions.
Further Xiaomi stated further that the services and data pertaining to the Indian users are migrated from Beijing data centers to Amazon AWS data centers in Singapore and USA and the migration will be completed by the end of this year. Taking the Indian market seriously, the company also announced its plans to launch a local data center in India.
Addressing the particular concern of the advisory circular issued by IAF, the company said the report is probably based on F-Security, an anti-virus, cloud content and computer security company which in its July 2014 report was critical of the Redmi 1S regarding the activation of Cloud messaging services. Xiaomi added that they had immediately addressed the report and was acknowledged four days later by F-Secure.