How to Unlock Non-US Samsung Devices Locked by Regional Bootloader

Updates to non-US versions of various Samsung devices brought a different kind of lock that may initially panic users. However, the locks are not intended to effect development, but rather device theft – of course, such security measures always somehow effects the development community.

The lock itself is inside the bootloader, but the trigger for the lock is inside the system – its fairly difficult to reproduce, but it typically triggers when you insert a SIM card from another country than your firmware country version. It seems a bit odd since people obviously travel and temporarily use SIM cards from countries they are visiting, but we’re not Samsung’s security experts.

What basically happens is the device will reboot and wipe data – this really won’t effect people on stock ROM, despite the sudden wiping of their data simply for using a SIM card from another country, but if you have for example a custom binary such as a rooted kernel or TWRP, you will be prevented from booting, because the bootloader will be locked against booting on custom binaries that alter the system.

The following Samsung devices are confirmed as having this protection method:

  • Samsung Galaxy S9 & S9+ – SM-G960F & SM-G965F
  • Samsung Galaxy Note 8 – SM-N950F
  • Samsung Galaxy S8 & S8+ – SM-G950F & SM-G955F
  • Samsung Galaxy A8 & A8+(2018) – SM-A530F & SM-A730F
  • Samsung Galaxy A Series (2017) – SM-A320F/FL, SM-A520F & SM-A720F
  • Samsung Galaxy Note FE – N935F

Once you have been locked out of your phone, you will notice one of these symptoms:

  • A message stating “Only official released binaries are allowed to be flashed”.
  • The “OEM Unlock” option is unavailable in the Developer Options.
  • If you boot into Download Mode, it will display “RMM State = Prenormal”.

Downloads:

How to Unlock

If your Samsung device is locked due to triggering the above described protection, your only option is to insert your country SIM, flash the latest full stock firmware (your country version) via Odin, then boot your Samsung phone.

Do not reboot the phone and do not remove the SIM – leave it connected to the network for 7 full days. After 7 days of uptime, the RMM state will reset and you should be able to flash TWRP again. You can check the current uptime in Settings > About Device > Status.

In order to avoid being locked again, there is a method to disable the lock protection. You need to flash TWRP for your Samsung device, then boot into TWRP and flash install this fix.

You can flash this zip after flashing any custom ROM, to be sure you do not get locked. The zip has a universal script that disables the services responsible for the locking mechanism. It cannot be flashed to a device that is already locked, but if you get your device unlocked, it can be flashed to prevent a lock from happening again.

Installing TWRP Safely

  1. First you need to download the latest Odin and install the Samsung USB Drivers.
  2. You also need to download the latest RMM-State_Bypass fix from the Downloads section of this guide, and the latest TWRP available for your Samsung device.
  3. Copy the RMM-State_Bypass.zip to your external SD card.
  4. Go to Settings > Developer Options and enable OEM Unlock.
  5. Connect your Samsung device to your PC via USB, then reboot into Download Mode.
  6. Launch Odin on your PC, go to the Options menu and make sure Auto-reboot is not checked.
  7. Click the AP tab in Odin, and choose the TWRP .tar file – then hit ‘Start’.
  8. After TWRP is flashed in Odin, you should see a green “Pass!” button.

Be very careful with this next steps and read thoroughly ahead.

Disconnect your Samsung from your PC, then press and hold Home + Volume Down + Power until it exits Download Mode.

As soon as the screen goes black, release the Volume Down and press Home + Volume Up + Power for about 10 to 15 seconds – this should force the device to immediately boot into TWRP. If you allow your Samsung to boot into the Android system, it will become locked again.

Once you are booted into TWRP, swipe to allow modifications, and flash the RMM-State_Bypass.zip from TWRP Install menu.

After it has successfully flashed, you can now reboot into the Android system.

How to Safely Root

After your Samsung has been unlocked and TWRP is installed, follow these steps very carefully.

Download root .zip and no-verity-opt-encrypt-6.0, and copy them to your external SD card.

Boot into TWRP and allow modifications. Then go into the Wipe menu and choose “Format Data”. This will erase all of your data including internal storage.

Choose “Reboot Recovery”, allow modifications again, and flash RMM-State_Bypass.zip

Flash the no-verity-opt-encrypt-6.0 zip to disable the data partition encryption.

Now flash the root zip, and reboot to system.

Once you are in the setup wizard, make sure to uncheck Diagnostic Data.

ABOUT THE AUTHOR

Kamil Anwar


Kamil is a certified MCITP, CCNA (W), CCNA (S) and a former British Computer Society Member with over 9 years of experience Configuring, Deploying and Managing Switches, Firewalls and Domain Controllers also an old-school still active on FreeNode.