My Xperia Theft Protection (MXTP) provides bootloader-level security against thieves

by XB on 9th June 2015

in Applications, Featured Content


My Xperia Theft Protection MXTP_1Sony’s “my Xperia” feature will be familiar to most Sony Xperia owners. The service is similar to Google’s Android Device Manager, allowing users to locate, ring, lock or wipe a device remotely. However, a big disadvantage with these services is that it is relatively easy for someone to wipe a phone clean and ‘my Xperia’ or ‘Android Device Manager’ with it.

Google plans to try and address this problem in Android 5.1 with a feature called “Device Protection”, however for the time being it is only available to select Google Nexus owners. The good news for Xperia owners is that Sony has provided its own solution running on Android 5.0.2 Lollipop in the form of “My Xperia Theft Protection (MXTP)”. Currently, only three Sony Xperia devices supports MXTP including the Xperia M4 Aqua, Xperia C4 and Xperia Z4 Tablet.

MXTP is added to the bootloader of a phone, which means it will continue to protect your phone even if someone tries to wipe a device clean using PC Companion or third-party solutions such as Flashtool. If someone does wipe a device, whilst you won’t be able to use the ‘my Xperia’ feature to locate it anymore (since all personal data on the operating system is deleted), MXTP will render it useless to a thief unless they know your Google log-in details.

My Xperia Theft Protection MXTP_1

The Sony Xperia device will enter into a ‘Lockdown’ mode if unusual patterns are detected such as:
– Someone tries to factory reset your device
– Someone performs a software repair using PC Companion (or using Flashtool)
– Someone deletes the Google account associated with MXTP
– Someone disables MXTP in the settings but fails to provide the correct login details 5 times
– Someone deletes MXTP or removes the admin rights
– Lockdown can be manually activated by the owner through the MyXperia website

Under Lockdown, the following is what happens to your device (the only way to exit Lockdown mode is by correctly entering your Google details associated with the MyXperia account):
– All running applications are stopped.
– You can no longer maximize the notification panel.
– Incoming calls are sent to voicemail (if available).
– Outgoing calls (except emergency calls) are blocked.
– The USB port will only be available for charging. It will not be possible for a PC or Mac to detect the device.

My Xperia Theft Protection MXTP_2 My Xperia Theft Protection MXTP_3

Enabling MXTP is exactly the same as you would for ‘my Xperia’. Head into Settings > Security > ‘Protection by my Xperia’ to activate it. There is no screen to show that you are enabling a much deeper theft protection system versus the old solution. The same menu is used to deactivate the device, you will need to enter your Google log-in details to do this.

MyXperia Theft Protection is a much broader and useful tool compared to the old ‘my Xperia’. Whilst it won’t do anything extra to help you locate a phone, it will much it much more difficult for a thief to benefit from your loss as MXTP will effectively render the device a paperweight without the correct login details. One caveat is that you will not be able to activate MXTP if your phone has an unlocked bootloader as Sony says it is “impossible to guarantee security on a platform where there is no security”.

  • Stanley Lu

    What happens if you have Two-Step Verification for your Google account with Authenticator on your phone?

  • Chaturanaga Manchanayake

    There goes the slap to the unlocked bootloader device users including myself. Good thing I backed up my ta.img

  • Lunkz

    You use your Paper Code which you got from Google on the first Setup.

    Or do you mean, what if the thieve uses you Google authenticator ?

  • Felix

    You can ask it to send a text message (SMS). Or use a backup code.

  • Crusher_Sprite

    What a great feature. There are alot of high end smart phone thief in my country, now I can walk with less worry.

  • dimz

    To use the authenticator, they must also have your password. I’m fairly certain that the password stored in your device is not in plain text form.

  • Ambroos

    You have to be online to authenticate MXTP, so they probably just use one of Google’s login flows (including authenticator support).

  • George

    https://www.flickr.com/gp/81079282@N02/1v8BAs

    I am impressed how Z2 stands against S6 just wow thats why i prefer to test phones by myself

  • Pingback: My Xperia Theft Protection (MXTP) ?????????????????????????????? bootloader()

  • PacoBell

    This situation is *precisely* why I store my Authenticator secrets in my Yubikey Neo. It’s not tethered to any particular device and it’s always on my person.

  • gamer324

    That is indeed impressive, just imagine how much better the Z3+ would fare! can’t wait to see a comparison from some credible site (like dpreview) for the z3+ vs the rest of the 2015 flagship crop.

  • mountain

    – All running applications are stopped.
    – Incoming calls are sent to voicemail (if available).
    – Outgoing calls (except emergency calls) are blocked.

    So if someone picked up your phone and want to return to you, you are screwed?

  • aryan1357

    if some try to return they will not try wipe your phone and factory reset!!

  • jag

    Why is the photo of S6 taken January last year?

  • Vladislav Pashnev

    Again they fucked up with support of earlier products. Just like with quick charge 2.0 which is not working on z2 and z3 (except tablets), even though snap 801 has this feature, sony bastards didnt include support of it.

  • stuck_788

    is it possible to erase the memory sd card from remote or not?

  • Chan Kin Cheung

    The word “Security” never meant “Unable to break-in”, but rather “It is too costly to break-in”.

  • BruceLeeRoyJenkins

    Prototype? Time traveler? Beta tester?
    Whichever sounds more realistic

  • bahar_b

    it’s true indeed.
    The Sony Xperia device will enter into a ‘Lockdown’ mode if unusual patterns are detected such as:
    – Someone tries to factory reset your device
    – Someone performs a software repair using PC Companion (or using Flashtool)
    – Someone deletes the Google account associated with MXTP
    – Someone disables MXTP in the settings but fails to provide the correct login details 5 times
    – Someone deletes MXTP or removes the admin rights
    – Lockdown can be manually activated by the owner through the MyXperia website

  • Dhany Wibiksana

    Why this service came out now, my xperia v Lost…. Hiks…. Hiks.

  • Matt

    Check your source z3 support quick charging, you just need a compatible charger

  • Vladislav Pashnev

    I wish… But its not:) Sony support wrote a letter for my question, and the list for qc2.0 is: tablet z2, tablet z3 compact, z3+, tablet z4, z3 compact, and japanese z2/z3. European version z3 is not on the list. Hardware supports it, but software is not. Maybe be they will fix this with any update, but honestly, I hardly believe in this:) Also a guy on a forum wrote that he tested z3 with qc2.0 charger and result was the same as with inbox charger.

  • Chan Kin Cheung

    even if your xperia v is not lost, this service would still not support xperia v. Since you have to buy a new phone anyways, get on with it Bro

  • Riyal

    “impossible to guarantee security on a platform where there is no security”

    But samsung is able to guarantee security with no security…. Just take a look at their reactivation lock feature. If it’s on you’re literally banned from using the recovery and couldn’t flash, unlock or whatever system level modification you want on your phone until you turn it off which obviously requires you to input your samsung account.

  • jag

    I Knew it! Someone in the future have invented the time machine!!! This explains why! hahahaha

  • fedginator

    How does it stop you accessing recovery?

  • RachalPDaigneault

    $7550 in 4 weeks on the internet @ @mk6

    ..

    http://www.AuthoritySkylightBing/quick/dollars….

  • Amimanot

    But… My US z3c does charge faster with a quickcharge 2.0 compatible charger. And the light on said charger did change color, indicating a qc 2.0 compatible phone is charging

  • bahar_b

    If you afraid losing you smartphone don’t buy it.use public phone.
    If you hate traffic jem buy a helicopter.
    If you hate kid use condom.
    And a lot of solution if you had something not match you need.
    And yes indeed “if you can”….can you?

  • Matt

    oh well, quick charger worns the battery out faster anyway . . and i always charge the phone at night with slow charger :P

  • Snorky112

    samsung doesnt allow you to unlock your bootloader tho

  • Snorky112

    it is, if one figures out how to do it, there’s always a way, think like a hacker

  • Snorky112

    the slower you charge, the better it is for the battery

  • Vladislav Pashnev

    Because z3c is on the list and z3 is not

  • Vladislav Pashnev

    Same thing here, but sometimes battery cant make it till the evening and thats when things go wrong:)

  • Amimanot

    Oh… Didnt see there, I thought you meant only the Japanese z3c supports it

  • Jecht_Sin

    And if you don’t like security options simply don’t enable them.

  • Stanley Lu

    I mean, If i got my phone back and it’s already been reset. I have to login to my Google account to use it; however, in order to log in, I have to log in my Authentication code as well. Yet… the Authenticator app was on my phone….

  • Stanley Lu

    I meant, If i got my phone back and it’s already been reset. I have to login to my Google account to use it; however, in order to log in, I have to log in my Authentication code as well. Yet… the Authenticator app was on my phone….

  • Stanley Lu

    I meant, If i got my phone back and it’s already been reset. I have to login to my Google account to use it; however, in order to log in, I have to log in my Authentication code as well. Yet… the Authenticator app was on my phone..

  • dimz

    You’d probably need a backup code, or you could tell Google to send the code via SMS or e-mail.

  • Lunkz

    Like I said, you get on the Setup of the Authenticator from Google, 10 Paper Codes which you write down or Print it, for cases like this. You can use the 10 Codes only one time, after that you need to generate new ones. But not every site which uses Google Authentication System has this Paper Codes.

  • Ricardo Ca

    It will come for other devices?

  • Matt

    just charge the damn thing =,=

  • Matt

    well if that happen you can always, . . you know ? charge it?

  • Pingback: My Xperia Theft Protection, el nuevo antirrobo de Sony que protege desde el bootloader - TodoMovil()

  • George

    s6 was running retail mode so maybe thats why :D
    and i forgot z2 has more mp left :D picture was taken only in 15.5 mp

  • Pingback: My Xperia Theft Protection, el nuevo antirrobo de Sony que protege desde el bootloader – Android Curioso()

  • Riyal

    It’s already unlocked… Else flashing a nandroid backup that has a different CRC hash would brick a samsung device. Take for example the AT&T Samsung devices. It’s bootloader locked and flashing a different firmware that’s not AT&T would render your device stuck on the android boot logo. It doesn’t even let you boot the kernel.

  • Hopefully all the Xperias having updates will be covered (Such as all the Z series for the least)

  • and how is getting into recovery gonna help?

  • fedginator

    Flash system image

  • Igorbass

    When the My Xperia Theft Protection will arrive for the Xperia Z2 ? It is a very important protection to only be in a few devices…..

  • Imfaz Farzana

    I’m 100% sure with my email and password but it says “incorrect user name and password”
    what can i do?????
    plz help

  • OMAR FLORES

    Hi, I have a problem with my xperia, I do the factory reset on it and now I got My Xperia Theft Protection (MXTP)”, I have my acount of gmail but I got a nother screen it´s said It´s stop My Xperia Helper… Please help!!!

  • Pingback: Xperia Companion – Sony’s new PC software to manage your Xperia device | 3Buzz Now()

  • Pingback: Anonymous()

Previous post:

Next post:

Sitemap