Unknown sources on Xiaomi: how to turn off and why it is important

Why is Xiaomi warning about unknown sources?

On Xiaomi smartphones under the control of the shell MIUI Users are regularly warned by the system to attempt to install applications from "unknown sources"; this is not a bug, but a built-in security mechanism that blocks the installation. APK-Files that were not downloaded from the official Google Play store or Mi App Store, a feature that was introduced in Android 8.0 Oreo, but in the Android app. MIUI It is implemented with additional nuances.

The main reason for this warning is an attempt to install an application downloaded from third-party resources (for example, APKMirror, 4PDA or even from official developer sites). Xiaomi’s default system blocks such installations to protect the user from potentially dangerous software. However, sometimes this feature interferes with legal actions, such as installing beta versions of applications or specialized software that is not available in the Play Market.

It's important to understand that disabling protection from unknown sources completely deprives the device of one of the key layers of security. APK-files masquerading as useful utilities or modified versions of popular applications, so before disabling this feature, it is worth weighing the risks and making sure that the source of the downloaded file is reliable.

Where is the Unknown Sources setting in MIUI?

Unlike pure Android, where the settings of unknown sources are concentrated in one place, MIUI is scattered across several sections.This is due to Xiaomi's security policy, which requires separate confirmation for each application trying to install APK. Let's look at the main ways to access these settings.

The main section is in: Settings β†’ Applications β†’ Special Rights β†’ Installation of Unknown Applications

This shows you a list of all the apps that have ever requested APK installation. For example, if you downloaded a file from Chrome, it will appear on this list. There is a switch next to each application that allows you to allow or disable installation.

πŸ“Š How often do you set up APK source?
Never.
Rarely, only verified files
Often, for software testing
Constantly, the main method of installation

The second important section is security settings: Settings β†’ Password and security β†’ Protection against viruses

You can turn on or off scanning for threats, and even if you allow installations from unknown sources, MIUI will automatically check all new APKs for viruses if they are active, which is an additional layer of protection, but it does not replace the main lock.

Step-by-step: how to disable unknown sources on Xiaomi

If you are sure of the source APK-If you have a file and are ready to take responsibility for the security of the device, follow this instruction. Please note that the process may vary slightly depending on the version. MIUI (for example, MIUI 12/13/14 The interface is slightly changed, but the logic remains the same).

  1. Open the settings on your Xiaomi smartphone.
  2. Go to the Applications β†’ Special Rights β†’ Install Unknown Applications.
  3. In the list, find the app you plan to install APK through. For example, if you downloaded a file through Chrome, select it.
  4. Activate the switch Allow installation from this source.
  5. Confirm the action in the window with the warning.

Check the source of the file for reliability

Download APK only from official sites or proven resources

Enable virus scanning in MIUI

Create a backup copy of important data

Disable permission after installation (recommended)

-->

Then you can install the snail. APK-But remember, the permission is only valid for the application you've chosen, and if you download a file from another browser or file manager, you'll have to re-authorize it.

To completely disable the verification of unknown sources (not recommended), you can use the developer mode:

  1. Activate Developer Mode by pressing the MIUI version 7 times in Settings β†’ About Phone.
  2. Back to Settings β†’ Additionally. β†’ For developers.
  3. Find the USB Check option (debugging) and turn it on.
  4. Connect your phone to your PC and execute the command: adb shell settings put global install_non_market_apps 1 This will disable system-level verification, but requires rights. ADB.

πŸ’‘

If the application does not start after installing the APK, check if the built-in MIUI antivirus blocks it. Go to Settings β†’ Password and Security β†’ Virus Protection β†’ Scanner and add the application to exceptions.

What is the danger of disconnecting protection from unknown sources?

Disabling the installation lock from unknown sources opens up several critical vulnerabilities:

  • 🦠 Malware: The risk of installing Trojans, spyware, or viruses masquerading as legal APK. For example, modified versions of WhatsApp or Telegram often contain backdoors.
  • πŸ“± Data theft: Some apps may access your contacts, SMS, Photos or bank card data without your knowledge.
  • πŸ”„ Automatic installation: Some viruses are able to download and install other malware on their own if the protection is disabled.
  • 🚫 Account Blocking: Google may block your account if it detects suspicious activity related to installing uncertified apps.

According to Kaspersky statistics, 2023 year-over 30% The malware for Android is spread through APK-files downloaded from unknown sources, while Xiaomi is in the top-5 brands whose devices are most often targeted for such attacks due to the popularity of the shell MIUI Countries with low levels of digital literacy.

Example of a real threat
In 2022, a FakeApp Trojan was discovered spreading through APK-modified popular games (such as Free Fire and PUBG Mobile) and sending SMS messages to pay numbers and stealing credit card details, affecting more than 500,000 users, most of whom disabled protection from unknown sources.

If you need to install an application from a third-party source, follow the β€œone resolution, one installation” rule: give the right to install only the desired application (for example, a browser) and immediately after installing the APK, disable this permission back.

How to check APK-security file before installation?

Even if you disable protection from unknown sources, it doesn't mean you have to blindly trust any downloaded file. Here are some ways to check APK before installing:

Method of verificationToolsChecks
Virus scanningVirusTotal, MetaDefenderPresence of malicious code, Trojans, spyware
Certificate verificationAPKMirror, APKPureDeveloper authenticity, lack of modifications
Permit analysisAppBrain, APK AnalyzerExcessive rights (e.g. access to SMS or geolocation)
Checking the hash amountMD5 CalculatorMatch of the file to the original (if there is a reference hash)

One of the most reliable ways is to upload an APK to VirusTotal, which will scan the file with more than 70 antiviruses and show if there are threats, and if at least 2-3 antiviruses detect a problem, you should refuse to install such a file.

Also pay attention to the permissions that the application requests. For example, if the messenger asks for access to your contacts and SMS, this is normal, but if the calculator requires the right to send SMS or access geolocation, this is a reason to be wary.

πŸ’‘

Even if the APK has passed a virus test, the app installed may be suspicious, and keep track of traffic, battery and background activity in the first days after installation.

What if after the switch off the protection, the phone began to brake?

If, after installing an application from an unknown source, the device began to run slower, warm up or discharge quickly, malware most likely appeared in the system.

  1. Remove recently installed apps through Settings β†’ Apps.
  2. Run virus scanning with the built-in MIUI antivirus (Settings β†’ Password and Security β†’ Virus Protection).
  3. Check the active processes in Settings β†’ Battery β†’ Battery Use. If an application consumes too much resources, delete it.
  4. Reset network settings: Settings β†’ Connections and Sharing β†’ Reset network settings.
  5. In extreme cases, perform a reset to factory settings (Settings β†’ About phone β†’ Reset settings), pre-saving important data.

If the problem persists, check the device for rootkits, a type of malware that is embedded in system files and difficult to remove, and you can use specialized utilities such as Rootkit Remover (available on Google Play).

πŸ’‘

If a smartphone has started showing ads in system windows (such as notification menus), this is a sure sign of an adver virus, which often penetrates modified APKs and requires a complete reset of the device.

Alternative ways to install applications without disabling protection

If you need to install an app that isn’t on Google Play, but you don’t want to disable protection from unknown sources, there are a few legal alternatives:

  • πŸ“± Xiaomi’s official store contains many apps that are not available in the Play Market, but have passed security checks.
  • 🌐 Web versions (PWA): Some services (e.g. Twitter, Spotify) offer web applications that run through a browser without installing.
  • πŸ”„ APK From trusted sources: Download files only from official developers’ sites (e.g. Telegram offers a free download). APK on the website telegram.org).
  • πŸ› οΈ Third-party launchers: Some launchers (like Nova Launcher) allow you to install widgets without completely disabling protections.

Another reliable way is to use Google Play Protect, which is built into Android, and it scans all the apps you've installed, even those that you've downloaded from APK, to enable it:

  1. Open the Google Play Market.
  2. Click on the profile icon β†’ Play Protect.
  3. Activate Scan your device for security threats and improve malware detection.

This will not replace the full lock of unknown sources, but will add an additional layer of protection.

FAQ: Frequent questions about unknown sources on Xiaomi

Can I permanently disable the warning of unknown sources?
Technically yes, but it requires superuser rights (root) or use. ADB-However, this is highly discouraged, as it deprives the device of basic protection, it is better to give permission to install only trusted applications (for example, a browser or file manager) and disable it after installation.
Why did the settings of unknown sources reset after the MIUI update?
This is standard MIUI behavior for major system updates, Xiaomi developers reset APK installation permissions to improve security, and once upgraded, they will have to re-enable the right applications.
How do I know which application has requested an installation from an unknown source?
Go to Settings β†’ Applications β†’ Special Rights β†’ Install Unknown Applications. Here will be a list of all the apps that have ever requested this permission, even if it is now disabled.
Can I install APK on Xiaomi without warning if the file is secure?
Yes, but only if the file is signed with an official developer certificate, for example, APKs from Telegram or Signal are installed without warning, because these companies have confirmed their authenticity in Google, but even then MIUI can show a warning, but without blocking the installation.
What if an unknown source is blocked, but the installation still does not work?
Check the following points: Make sure that APK-The file is intact (try to download it again). Check if the device has enough memory. Turn off the built-in antivirus. MIUI during installation (Settings) β†’ Password and security β†’ Protection against viruses, if used MIUI 14+, try to install APK Mi File Manager – it has extended rights.

If you have any doubts after reading this article, it is better to refuse to install APK from unknown sources. In most cases, similar applications can be found in official stores, albeit with some restrictions.