As India tightens the screws on cybersecurity, a quiet but decisive shift is unfolding in the surveillance market. By April 1, 2026, internet‑connected CCTV cameras that cannot meet the government’s new STQC certification regime will effectively be barred from sale. At the centre of this change are several major foreign brands whose internet‑connected CCTV cameras are no longer being sold in India under the new STQC rules, while Indian brands and local manufacturers are emerging as compliant alternatives in the market.
What Exactly Is Changing?
The shift isn’t triggered by a single headline‑grabbing order, but by a layered regulatory overhaul that has been on the books since 2024. In March 2024, the Ministry of Electronics and Information Technology (MeitY) notified Essential Requirements (ER) for CCTV cameras, and on April 9, 2024, it brought CCTV cameras under the Compulsory Registration Order (CRO) framework, making STQC certification mandatory for government and public‑surveillance projects.
These rules require that every connected CCTV product sold in India must undergo rigorous testing for cybersecurity, data‑localisation, backdoor‑free firmware, and hardware transparency. From January 1, 2024, such certification was already mandatory for all CCTV cameras procured by government departments or used in public‑surveillance projects, while the broader market was given a transition and relaxation period to clear non‑compliant stock.
The effective date for the full ER‑linked framework for all manufacturers, importers, and sellers was April 9, 2025, but the government extended the relaxation window beyond that. Now that statutory relaxation time is over, a final cutoff of April 1, 2026 means even existing non‑STQC stock can no longer be legally sold.
For the market, the practical effect is simple: no new sales of foreign‑origin internet‑connected CCTV cameras that cannot meet—or have not chosen to pursue—STQC certification. That puts several major foreign brands in a bind, not because certification is impossible in theory, but because the level of security scrutiny and the associated political and commercial optics make compliance a high‑risk, high‑cost proposition.
Why Chinese Brands Are Being Sidelined
Public reports and industry commentary indicate that STQC clearance has not been granted so far to many Chinese‑origin CCTV products, particularly those that rely on Chinese‑made chips and software stacks. The stated rationale is concerns that such devices could potentially contain back‑doors or remote‑access capabilities that might be exploited for surveillance or data exfiltration, especially in critical infrastructure and government projects.
For several global IP‑camera leaders, meeting STQC requirements would likely entail significant changes, including possible hardware redesigns, shifting to alternative chipsets, greater transparency into firmware, and tailoring products specifically for the Indian regulatory environment. For consumer‑oriented brands built on high‑volume, low‑cost models, the same compliance stack could increase costs and add complexity to global supply‑chain management.
In that light, the choice by some foreign vendors to not aggressively pursue STQC certification begins to look less like a simple oversight and more like a strategic reassessment of whether the Indian market’s regulatory and commercial conditions still justify the investment.
TP‑Link India, for instance, has clarified its position amid the coverage.
“We are aware of certain rumours and misleading reports regarding the certification and business status of our surveillance product range. We would like to clarify that such claims are unverified and do not reflect the actual situation,” TP-Link India informed CXO XPERTS in a statement.
It emphasised that TP‑Link India is a subsidiary of TP‑Link Systems Inc., headquartered in Irvine, California, United States and added that its global R&D operations are owned and controlled by the US headquarters, with no foreign government access to design or production, and that chipsets used in its products are sourced, made, or designed in Taiwan and the United States.
“At TP-Link India, certification processes of IP cameras are actively underway and aligned with all regulatory requirements. We remain fully committed to compliance, transparency and product quality.” TP-Link furthermore added, “Ongoing developments are part of standard regulatory procedures and are being addressed through the appropriate channels.” In addition, TP-Link India stated that two models from their VIGI series (VIGI C340 and VIGI C440) have already been granted BIS certification.
CXO XPERTS reached out to Hikvision India for a comment, however, Hikvision India has declined to provide a statement, choosing not to comment on its position regarding the current situation.
Domestic Players Lean Into STQC Early
Unlike several foreign brands, some Indian surveillance vendors have treated STQC as a strategic differentiator. Long before the April‑1, 2026 cut‑off, a number of domestic companies began working with STQC‑recognised labs and aligning their product roadmaps to the IoTSCS‑ER (Essential Requirements for IoT‑based Surveillance and CCTV Systems) framework, voluntarily bringing their hardware and firmware under India‑specific cybersecurity scrutiny.
The result is that a growing set of STQC‑certified PTZ and IP‑camera models, built and designed within India, now meet the government’s cybersecurity and data‑sovereignty expectations. Several Indian brands have also obtained BIS certification for parts of their portfolios, reinforcing a broader “Make‑in‑India” positioning that promises local‑origin control, secure update mechanisms, and tight integration with India’s push for a “secure digital Bharat.”
“For all players in the ecosystem, this is a chance to improve and strengthen our capabilities. Compliance is no longer just a requirement—it’s becoming a shared benchmark for credibility and future readiness,” said Aditya Khemka, Managing Director, CP PLUS. “As standards become more robust, companies must adapt their products, processes, and architectures to meet these expectations. This may take time and investment, but it ultimately leads to a stronger and more resilient industry.”
The Bigger Picture: Security, Sovereignty, and Market Evolution
India’s move to restrict Chinese‑origin CCTV cameras from mainstream sale is not just about one product category. It is part of a broader push toward digital sovereignty and supply chain security. In the wake of geopolitical tensions and rising awareness of data privacy risks, the government is treating surveillance hardware as critical infrastructure, not as a generic consumer gadget.
For foreign brands, the message is straightforward: the Indian market will be open primarily to those willing to open their hardware and software to local scrutiny, redesign their supply chains, and accept stricter regulatory oversight. For domestic players, the same conditions create a competitive advantage, offering a chance to scale up, deepen innovation, and build trust with Indian customers.
As the April 1, 2026 deadline approaches, the contours of the Indian surveillance market are becoming clearer. On one side are the Chinese brands, whose presence in the connected CCTV space is being gradually reduced. On the other side is an emerging ecosystem of compliant Indian brands, positioning themselves around the idea that surveillance in India will increasingly be Indian‑made, Indian‑controlled, and Indian‑secured.
The story has been updated on 02-04-2026.
