MSA on Xiaomi Redmi 9: hidden security module features you didn’t know about

Xiaomi Redmi 9 is still one of the most popular budget smartphones, despite the release of new models. Owners of this device often encounter the mysterious term MSA in the settings or logs of the system β€” but what is it and why is it necessary? If you notice the com.miui.guardprovider process in the task manager or received a notification about the β€œsecurity check MSA”, this article will help you understand all the nuances.

MSA (abbreviated to Mi Security Addon) is a proprietary security module from Xiaomi that works at the system level, it is responsible for protecting against malware, checking the integrity of the firmware and even affects the operation of certain functions, such as unlocking the bootloader. However, many Redmi 9 users face problems due to MSA: from increased battery consumption to blocking the installation of third-party applications. Let's see how this module is built and whether it can be turned off without consequences.

What is MSA on Xiaomi Redmi 9: a technical explanation

MSA (Mi Security Addon) is a comprehensive security solution that Xiaomi has integrated into MIUI since version 10. On Redmi 9 (model M2003J15SC/M2004J19C), this module performs several key functions:

  • πŸ” Real-time app scanning for viruses and suspicious activity (similar to Google Play Protect, but from Xiaomi).
  • πŸ›‘οΈ Loader Protection β€” MSA checks the integrity of system files every time the device is turned on, making it harder to install custom firmware.
  • πŸ”‘ Permission management for system and third-party applications (e.g., blocks automatic start of background processes).
  • πŸ“± Control of hardware functions such as NFC, IR-blaster or camera access for certain applications.

It is important to understand that MSA is not a separate application, but a piece of system software deeply integrated into MIUI. It cannot be simply removed through settings like a regular program. Moreover, on Redmi 9, MSA is closely linked to com.miui.securitycenter and com.miui.guardprovider, which are responsible for the security center and optimization.

One of the most controversial aspects of MSA is its interaction with Xiaomi servers, which sends installed application hashes, firmware version information, and even connected device data (e.g., via Bluetooth or Wi-Fi Direct) to remote servers, raising privacy questions, especially for users who prefer minimal telemetry collection.

πŸ“Š Did you know that MSA existed before this article?
Yeah, I've been keeping a close eye on MIUI's safety for a long time.
I heard, but I didn't realize it was
I only found out now.
I'm not interested.

How MSA affects the work of Xiaomi Redmi 9: pros and cons

MSA isn't just hanging around the system; it's actively influencing the performance, autonomy, and even functionality of a smartphone.

The spectaclePositive impactNegative influence
SecurityProtection against rootkits and spyware, blocking suspicious APKsFalse positives on legitimate applications (e.g. Magisk or ADB- Tools)
ProductivityOptimization of background processes, reduction of lagsIncreased RAM consumption (up to 150-200 MB in the background)
AutonomyBlocking energy-intensive background tasksMSA consumes up to 5-7% of its charge per day, according to Battery Stats.
CustomizationProtects against incorrect modifications of the systemComplicates unlocking the bootloader and installing TWRP

The impact of MSA on Redmi 9 with Android 10/11 firmware is particularly noticeable.

  • πŸ”‹ Fast battery discharge even in standby mode (MSA can wake the processor for scanning).
  • πŸ“± Frozen when installing APK due to prolonged file signature checks.
  • πŸ”’ Blocking access to system folders through file managers (e.g., /data/app).

⚠️ Warning: On some versions, MIUI for Redmi 9 MSA may conflict with Google Play Services, causing the "Device Not Certified" error.

Where to find MSA in the settings of Xiaomi Redmi 9

Unlike many system services, MSA does not have a separate section in its settings, but its activity can be tracked through several menus:

  1. Task Manager: Open Settings β†’ Applications β†’ Task Manager and find the processes com.miui.guardprovider or SecurityAdd. These are the components of MSA.
  2. Battery consumption: In Settings β†’ Battery β†’ Battery usage, check how much power the Security Center uses (this includes MSA).
  3. System Logs: With the Logcat application (developer rights required), you can find records with the MSA or GuardProvider tag.

If you want to see what kind of checks the MSA performs, you can use the ADB- command:

adb shell dumpsys activity services com.miui.guardprovider

This command will display a list of active MSA services, including current scanning tasks.

πŸ’‘

To temporarily suspend MSA activity, put your smartphone in flight mode for 10-15 minutes, which will stop background checks, but will not shut down the module completely.

Can I disable or remove the MSA on Redmi 9?

Technically, it is not possible to remove the MSA completely without making changes to the system partition (/system), but there are several ways to limit its activity:

Disable automatic check at the Security Center |Limit background activity via ADB|Install custom firmware without MSA|Use Magisk modules to bypass checks-->

Let’s look at each method in more detail:

  1. Disable Security Checks: Go to Settings β†’ Passwords & Security β†’ Security Center β†’ Settings (βš™οΈ) β†’ Security Check and disable the Scan Apps and Check System Files options. This will reduce the load, but will not deactivate MSA completely.
  2. ADB Restriction: Connect your smartphone to your PC and execute the command: adb shell pm disable-user --user 0 com.miui.guardprovider This will disable the main MSA service, but may cause MIUI to malfunction (for example, weather widgets will stop updating).
  3. Custom firmware: Firmware like LineageOS or Pixel Experience does not include MSA, but installing them will require unlocking the bootloader, which in itself may be blocked by MSA on some versions of Redmi 9.

⚠️ Warning: On devices with MIUI 12.5+, trying to disable MSA via ADB can result in a soft-brick (cyclical reboot). Before experimenting, back up through Settings β†’ Additional β†’ Backup.

A critical nuance for Redmi 9: on some batches of devices (with a MediaTek Helio G80 processor), the MSA is rigidly tied to the TrustZone hardware module, its deactivation can disrupt the work of Secure Boot, which will make the smartphone unusable without flashing through the SP Flash Tool.

MSA and Unlocking the bootloader: What You Need to Know

One of the most controversial features of MSA is its role in the process of unlocking the bootloader on the Redmi 9.

  • πŸ”“ Check the status of the Mi Account (device binding to the account).
  • ⏳ Counting the waiting time (72–168 hours after the first binding).
  • πŸ›‘οΈ Blocking unofficial firmware through signature verification boot.img.

If you are trying to unlock the bootloader through fastboot oem unlock, the MSA can:

  1. Block the command if the device is not tied to your Mi Account.
  2. Reset the waiting counter if a change in system files is detected.
  3. Send a notification to Xiaomi servers about an attempt to unlock (which may result in account blocking if fraud is suspected).

These limitations can be overcome by:

  • πŸ”§ Official Mi Unlock Tool (but waiting).
  • πŸ”— Exploits to bypass verification (e.g., EDL mode for MediaTek devices).
  • πŸ“± Use of patched versions of MSA (available on forums like XDA Developers).
What happens if you break the unlocking of the bootloader?
If you interrupt the unlocking process (for example, disable the USB- cable or turn off the PC), Redmi 9 can go to the hard-brick state. In this case, you will need firmware through EDL with an authorized Xiaomi account. Without it, you can not restore the device!

MSA and custom firmware: compatibility and problems

If you have custom firmware installed on Redmi 9 (like LineageOS or HavocOS), MSA may cause the following problems:

Problem.Reason.Decision
Dm-verity error when downloadingMSA checks integrity of system partitionDisable dm-verity via Magisk or patched boot.img
No access to the camera.MSA blocks HAL- camera modules for uncertified firmwareInstall ANX Camera or GCam patch with bypassing checks
NFC's not workingMSA controls access to NFC chip via NfcServiceSwitch to a modified vendor.img with NFC support

For full-fledged work custom firmware on Redmi 9 often requires:

  1. Remove or replace MSA files in /system/priv-app/MiuiGuardProvider.
  2. Swipe the kernel with avb2.0 check disabled.
  3. Use Magisk modules like Universal SafetyNet Fix to bypass inspections.

Example of a command to remove MSA via TWRP:

adb shell


su




mount -o rw,remount /system




rm -rf /system/priv-app/MiuiGuardProvider




rm -rf /system/app/SecurityAdd




reboot

⚠️ Warning: Deleting MSA on devices with MIUI 13+ may result in loss of Mi Account functionality (it will not be possible to log into a Xiaomi account).

Alternatives to MSA: can it be replaced with another antivirus

Many Redmi 9 users want to replace MSA with lighter or more functional solutions, such as Google Play Protect or Malwarebytes.

  • πŸ”„ MSA cannot be completely replaced, it is integrated into the MIUI kernel and is responsible for low-level checks.
  • πŸ“± Third-party antiviruses run on top of MSA, resulting in double scanning and increased load.
  • πŸ”’ Some MIUI functions (e.g., "Dual Apps" or "Children's Mode") require active MSA.

If you want to minimize the impact of MSA, you can:

  1. Disable the built-in security check in the Security Center and use Google Play Protect.
  2. Install the Magisk module "Disable MIUI Optimizations", which partially circumvents the limitations of MSA.
  3. Switch to AOSP firmware (e.g. Pixel Experience), where MSA is not available by default.

Example of setting up Google Play Protect as the primary scanner:

  1. Open Settings β†’ Google β†’ Security.
  2. Activate the option "Scan the device for threats".
  3. At MIUI Security Center, turn off Application Check.

πŸ’‘

MSA is not a classic antivirus, but a comprehensive security module that monitors not only malware, but system integrity, hardware functions, and even access to Xiaomi services. Its complete removal could disrupt the MIUI.

FAQ: Frequent questions about MSA on Xiaomi Redmi 9

MSA is consuming too much battery. How do you fix that?
Try the following steps: Turn off automatic scanning at the Security Center. Limit background activity via adb shell cmd appops set com.miui.guardprovider RUN_ANY_IN_BACKGROUND ignore. If nothing helps, consider switching to custom firmware without MSA.
Can I turn off MSA without root rights?
Partly yes. You can turn off its checks in settings, but you can't completely deactivate the module without root rights or ADB. On some versions, MIUI helps reset to factory settings with Mi Account disabling sync.
MSA is blocking APK installation. What do we do?
This is due to file signature verification. Solutions: Install APK via adb install (bypasses some checks); disable the "Check Unknown Applications Installation" option in the Security Center; use a file manager with MSA bypass support (e.g., FX File Explorer).
After the MSA was removed, the camera stopped working.
This is because MSA controls access to HAL- camera modules.Solutions: Restore the original vendor.img via TWRP. Install a patched version of GCam with check-bypass support. Sweep the ANX Camera module through Magisk.
MSA sends data to Xiaomi. How do you turn it off?
MSA does send telemetry, but it can be limited: Turn off the Send Diagnostics option in Settings β†’ About Phone β†’ Reviews and Analytics. Use a firewall (like NetGuard) to block MSA access to the network. Install the Disable MIUI Analytics Magisk module. You can only completely stop sending data by removing the MSA, but this is risky (see the warnings above).