Industry Faces Camera Shortages
India’s video surveillance industry is undergoing a seismic disruption following the government’s directive mandating STQC (Standardisation Testing and Quality Certification) for all internet-connected CCTV cameras. Although introduced as a national cybersecurity safeguard, the implementation has triggered widespread operational bottlenecks, fractured market access, and is forcing the closure of numerous small and mid-sized businesses. The crisis has since escalated, with the Bureau of Indian Standards (BIS) issuing mass cancellation notices to non-compliant licence holders, effectively stalling projects, freezing inventory, and leaving global manufacturers mired in regulatory uncertainty.
When SECURITY UPDATE first reported in April 2025 on the government’s enforcement of STQC norms, we had predicted that the move could entrench market dominance in the hands of a few certified players while marginalising the broader industry. We also highlighted the policy’s lack of infrastructure, procedural clarity, and fair transition timelines. Three months on, our concerns have been validated by developments now reported by leading global media, including Reuters. The industry today faces an alarming slowdown — marked by cancelled licences, suspended deployments, and plummeting sales — confirming the systemic fallout we had forecast.
As part of our commitment to balanced reporting, SECURITY UPDATE had reached out to several leading international surveillance OEMs — including Axis Communications, Hanwha Techwin, Honeywell, Bosch, Panasonic, and CBC-GANZ etc — with a detailed questionnaire. We sought their perspectives on the operational challenges they were encountering in obtaining STQC certification, their views on the fairness and transparency of the process, the strategic and commercial risks involved, and any policy recommendations they might offer. We did not receive a single response officially. While their silence may reflect the legal or diplomatic sensitivity of the matter, it also emphasises the communication gap that continues to surround this policy shift. SECURITY UPDATE remains committed to maintaining a neutral, fact-based stance, offering space for all stakeholders to voice their concerns — should they choose to do so. Our outreach to gather facts has also revealed that even the certified players have only a handful of camera models which have received certifications and even they have their applications pending at various stages of evaluation and testing in various labs to meet the persistent market demand for more models to meet different design applications of video surveillance system projects.
Where we stand today
India’s surveillance industry is experiencing an unprecedented shake-up in the wake of the government’s decision to mandate STQC certification for all internet-connected CCTV cameras. While framed as a national cybersecurity imperative, the rollout has caused operational gridlock, fractured market access, and forced the shutdown of hundreds of small and mid-sized players.
Just after the April 9th order deadline, a flood of formal licence cancellation notices issued by the Bureau of Indian Standards (BIS) to non-compliant manufacturers has deepened the crisis — with project work halted, inventory rendered unsellable, and foreign players stranded in regulatory limbo. According to an industry source there were around 1300 BIS licences that had been issued covering thousands of camera models, all these players now face closure of CCTV business and diversifying their product portfolio.
An industry player, wishing to remain anonymous, remarked, The STQC order had divided the market. It’s the 4-5 STQC certified players and the rest of the CCTV industry, which incidentally includes big brand names such as Bosch, Panasonic, Axis, Motorola, CBC Ganz etc.”
Licence Revoked: The BIS Clampdown Begins
One such BIS notice, issued to a licence holder marketing the Shiva CCTV brand, outlines the scale of disruption. Though the BIS licence (No. R-81017752) was valid until November 2026, the letter charges the company with failing to obtain STQC certification in time and proposes its cancellation.
“You have failed to comply with the said Quality Control Order issued by MeitY… you are advised to stop the supply and sale of the non-compliant goods… and withdraw them from warehouse/market/distributor/in-transit,” the notice states. The firm has 21 days to submit details of inventory, packaging, and outstanding orders or face termination without further hearing — and possible prosecution under Section 29 of the BIS Act.”
Industry insiders confirm that hundreds of such notices have gone out to similar firms, particularly those relying on Chinese OEMs. “We were compliant with BIS standards all along, and suddenly the goalpost changed,” said Mr. Shiv Charan Yadav, a senior distributor. “Now, without STQC, they’re telling us to pull back all our inventory from the market.”
Certification Backlog Paralyses Supply Chains
The scale of certification congestion is staggering. According to a Reuters investigation published on May 28, India had received 342 applications for STQC clearance by that date — but only 35 had been approved, mostly from domestic players. That leaves over 90% of the market in limbo, unable to legally sell their camera models.
However, as of late July 2025, and as per the information available on internet approximately 60 unique camera models had found STQC approval with Sparsh and Matrix Comsec leading the small group of approved brands.
Retailers had told Reuters that sales had dropped by nearly 50% due to non-availability of certified stock. For distributors and contractors, this has meant project delays, frozen tenders, and penalties.
An end customer reported to SECURITY UPDATE that the price at which the installer had agreed to install cameras at his home, and the delay in decision making from his side in placing the order, is costing him more now, as camera prices have increased following the scarcity in the market.
Mr. Sanjeev Sehgal does not entirely agree with this. He says, “Sellers had stocks of cameras which they are still selling in the market, however by September we can anticipate a heavy shortage of cameras in the market because whatever was procured before the April 9 deadline, would be exhausted by then.”
Mr. Roop Singh Kuntal, Managing Director of Amron Associates Pvt. Ltd., a system integrator involved in a government surveillance upgrade project, recounted: “I need 150 cameras, but no OEM or distributor has compliant stock. We’re being held liable for delivery failures even when the root cause is the regulatory gridlock.”
A Policy Rooted in China Concerns
At the heart of this disruption lies India’s growing alarm over cybersecurity vulnerabilities allegedly linked to Chinese surveillance hardware. The revised Electronics and IT Goods Order (April 9, 2024) was, in part, a response to reports that over 1 million Chinese-made CCTV units were deployed across Indian government facilities, potentially routing data overseas.
Yet critics argue that the execution of the STQC policy appears overly protectionist and chaotic. Only 4–5 brands are certified today.
SECURITY UPDATE spoke with Mr. Sanjeev Sehgal, Managing Director of Sparsh CCTV — one of the brands already approved under the STQC regime — who also serves as the convenor of the Video Surveillance Panel of the Bureau of Indian Standards’ Alarms and Electronic Security Systems Sectional Committee. This committee is tasked with developing and maintaining Indian standards for safeguarding buildings, people, and property against diverse threats. Mr. Sehgal maintained that the government had allowed ample time and provided multiple opportunities for manufacturers and importers to achieve compliance.
He cited a series of official notices and industry consultations over the past year as evidence of this outreach. Notably, on April 3rd, just days before the new rules came into force, the Secretary of MeitY and senior officials met with representatives from more than a dozen domestic and international surveillance equipment makers, including Hanwha, Motorola, Bosch, Honeywell, and Xiaomi. According to the official meeting minutes, several companies admitted they were unprepared and requested a deadline extension — a plea that was firmly rejected. The meeting chair reiterated that the industry had already been given sufficient time to align with the new requirements and that the April 9th enforcement date was final.
“The problem for multinational companies is that they did not anticipate or prepare themselves for the restrictions in respect to cyber security concerns being put by the government in India, although they have faced it in other countries. In fact people are still not taking it seriously, hence the slow pace of attempting to get this certification. But there is no alternative now,” he added
Some More Industry Concerns
Another industry player pointed out that, since most major brands manufacture their products overseas, the STQC is reportedly planning to send its personnel to inspect these foreign production facilities. “Won’t this significantly delay the certification process?” he asked. “And could such on-site inspections not risk introducing bias—intentional or otherwise—on the part of the inspection teams?”
Industry watchers note that such implementation hurdles are not unusual when a complex policy is introduced—especially one involving multiple government departments and technical requirements. There is typically a lag period before systems stabilise and processes become streamlined. In this case, too, many believe the system is still finding its rhythm, and operational efficiency may gradually improve as stakeholders—labs, manufacturers, and regulatory agencies—gain experience and clarity
An industry insider, on condition of anonymity also remarked that, “Ambarella Chip Set (SoC) is expensive and is also in short supply.” “There is no way that any manufacturer can use this SoC to make a camera and sell it to the consumer at under Rs.5000, while also meeting the market demand,” he contended. “A camera made with this Chip Set may be sent for STQC testing, but how do we ensure that subsequent cameras sold in the market are with this expensive chipset?”
Ambarella, Inc. is an American fabless semiconductor design company, focusing on low-power, high-definition (HD) and Ultra HD video compression, image processing, and computer vision processors. SoCs manufactured by Ambarella are perceived to be more expensive than others such as Novatek and Innofusion. Other manufacturers of chips include HiSilicon (Huawei), Allwinner Technology, Ingenic Semiconductor, SigmaStar, MStar Semiconductor, and Qualcomm
In addition to dedicated SoC manufacturers, several companies that produce and sell surveillance cameras also design or integrate SoCs into their products, including: Hikvision, Dahua Technology, Axis Communications, Hanwha Vision (formerly Hanwha Techwin), Bosch Security Systems, Avigilon, Honeywell Security Group, Panasonic Corporation, and Vivotek
A System on a Chip (SoC) is a microchip that integrates all or most of the components of a computer or electronic system onto a single chip. This includes the CPU, memory, input/output (I/O) ports, and other peripherals. SoCs are commonly found in networked security cameras, smartphones, tablets, wearable technology, and embedded systems, offering benefits like reduced size, power consumption, and cost.
Mr. Sanjeev Sehgal says that he now has to give guarantees for enhanced quantities of chip sets that he will be purchasing from his suppliers in order to get better pricing from them, in order to meet the market expectations.
An industry insider pointed out another looming challenge: the dynamic nature of cybersecurity threats. “New types of cyberattacks are emerging all the time, and manufacturers routinely update the firmware of their cameras and video surveillance networks to address these vulnerabilities,” he said. “But if every firmware upgrade needs to go through the same lengthy STQC approval cycle — with current testing capacity and slow turnaround times — how will the authorities keep pace? Security cannot wait months for a patch. Without a fast-track or adaptive approval mechanism, the system risks leaving critical networks exposed while updates sit in the queue.”
The Emerging Situation
As the STQC mandate begins to unfold in practice, manufacturers—especially foreign OEMs—are facing a complex mix of delays, inconsistencies, and infrastructural bottlenecks that are stalling business operations across the board.
A representative from a major overseas surveillance brand explained that during the initial rollout, only a few government-authorised test laboratories were cleared to conduct the extensive assessments required for STQC certification. Each brand typically offers dozens of camera models—ranging across form factors and use cases—each of which must undergo individual testing. This quickly overwhelmed the available capacity. Although the government has since expanded the list of approved labs, most of them still suffer from severe manpower shortages.
“There simply aren’t enough trained professionals capable of conducting the advanced cybersecurity and firmware tests demanded by STQC protocols,” the executive noted. “At present, the turnaround time for testing a single camera model can stretch anywhere from two to three months. As a result, our sales have ground to a complete halt—we recorded zero revenue in April and May 2025.”
Another manufacturer, who requested anonymity, raised deeper concerns about the lack of consistency and clarity in the testing process itself.
“Many of the technical staff at these designated labs were not properly trained or standardised on a uniform methodology before the rollout. Only a few seem to fully understand how to test both the firmware and hardware layers. In many cases, our own engineers are essentially guiding lab staff through the process, which is inefficient and problematic. This trial-and-error approach not only causes delays but also leads to potential discrepancies between test outcomes from one lab to another.”
He further added that some labs have been requesting proprietary design documentation that is arguably not relevant to the certification process. “But we are left with little choice. If we don’t submit it, our application is stalled. If we do, we’re forced to share sensitive technical details with external personnel under uncertain safeguards. It’s a no-win situation,” he added.
However, this view was challenged by Mr. Sanjeev Sehgal. According to him, the infrastructure is well in place and underutilized, rather than overburdened.
“The biggest challenge is people do not have their designs because they have always been dependent on their Chinese partners for the design element. For certification now you have to show each and every facet of your supply chain…something which is hurting players in the market,” he says.
“There are currently 21 authorised labs ready and operational. The problem is not with capacity—it is that only a handful of camera manufacturers have reached the testing phase. Most others are still trying to compile and submit their documentation correctly. It’s inaccurate to suggest the system isn’t prepared.”
Still, procedural inefficiencies remain. Another certified manufacturer reported that even after successfully clearing the STQC testing, their reports either do not reach BIS in time, or BIS takes an excessively long period to verify and upload the information to its official portal.
“Whatever the cause—whether it’s lab-to-BIS communication or internal delays at BIS—it leads to market uncertainty and financial losses. We’re unable to officially claim certification or participate in tenders until the BIS publicly lists our models,” he said.
Mr. Sehgal acknowledged the slower pace in bringing new models to market and attributed this to the inherently rigorous nature of the certification process.
“The system is elaborate, and understandably so. Certification takes time, even we haven’t been able to release new products since receiving initial STQC approvals. It’s a market-wide adjustment.”
Modern Capabilities and Certification Exemptions of Analogue CCTV
Analogue CCTV cameras remain exempt from the STQC certification and Essential Requirements (ER) compliance currently mandated for digital and network/IP-based cameras in India. As per recent government orders and BIS/MeitY guidelines, manufacturers and importers can still sell, produce, or bring analogue cameras into the country without needing STQC lab approval or cybersecurity certification. For registration, companies simply need to self-declare the camera’s analogue nature, in contrast to the more rigorous process required for digital products.
Despite digital cameras dominating the high-end security market due to superior resolution and networking features, analogue camera technology has also advanced considerably in recent years. Modern analogue systems now leverage HD video standards, offering up to 4K ultra-high definition resolution in some models. Enhanced DVRs (Digital Video Recorders) not only convert and store footage efficiently but also provide remote access, motion detection, digital zoom, and improved data management.
Crucially, a notable capability enhancement in analogue cameras is the inclusion of two-way audio. Recent models feature integrated microphones and speakers or provide external audio connections, allowing users both to listen in and communicate in real time through the camera—much like the “talk-back” functionality previously found only in IP systems. This bidirectional audio feature greatly expands the utility of analogue surveillance setups, enabling direct intervention (issuing warnings, instructions, or greetings) while maintaining the reliability and cost-effectiveness of coaxial infrastructure. Furthermore, the introduction of fisheye lens variants, advanced night vision, and even panoramic viewing means analogue cameras can deliver broad coverage with greater clarity than ever before.
So, while the regulatory environment favors digital and IP systems for cybersecurity compliance, the analogue segment continues to thrive—now backed by technological improvements such as HD video, scalable storage, mobile access, enhanced data transfer, and advanced audio features including two-way communication.
Mr. Sanjeev Sehgal says, “Analog cameras are still allowed without any restriction but they will also have to be re-registered even if not retested. Analog currently has a 40 percent market share to IP’s 60 percent.”
While regulatory exemptions allow analogue cameras to be manufactured, imported, and sold without STQC certification, it is crucial to recognize that many surveillance networks still rely on internet-connected DVRs (Digital Video Recorders) and NVRs (Network Video Recorders) to manage and store footage. DVRs and NVRs are currently out of the STQC requirements. These devices often have embedded software and hardware that can introduce substantial vulnerabilities. Real-world security assessments have revealed cases where outdated firmware, default credentials, or unpatched vulnerabilities were exploited by attackers, allowing unauthorized remote access, information leakage, or even integration into global botnets without the user’s knowledge.
Attackers can leverage such backdoors to extract sensitive security footage, monitor camera feeds, or use these systems as launch points for broader cyberattacks. Even two-way audio features—once considered a helpful innovation—could provide another pathway for exploitation if not properly secured. The existence of such threats underlines why the government has mandated STQC certification for IP/network cameras, which are inherently more connected and thus at greater risk of targeted cyberattacks. As surveillance technology continues to evolve, ensuring ongoing vigilance, routine updates, and strong cybersecurity practices for all networked devices—analogue or digital—remain essential for genuine security, privacy, and trust in modern surveillance systems
What about Body-worn, Dash, and Spy Cameras?
Questions are also being raised about the status of non-traditional surveillance devices such as body-worn cameras, dashboard cameras, spy cams, and even smart lightbulb cameras — the latter offering discreet HD monitoring with a simple screw-in, wire-free setup, ready for use within seconds. There appears to be ambiguity over whether these devices fall under the STQC certification mandate, even though many are internet-enabled and capable of remote video transmission. Despite the enforcement push against uncertified CCTV systems, such products continue to be openly sold through major online marketplaces, raising concerns about regulatory consistency, enforcement priorities, and potential loopholes in the current policy framework.
Enforcement Gaps Could Undermine STQC Goals
Beyond the certification bottlenecks, an equally daunting challenge lies in enforcement. Even if the STQC framework is sound on paper, ensuring that non-compliant cameras — including body-worn, dash, and covert models — are purged from both physical and online markets will test the government’s reach and resolve. Past initiatives, from banning uncertified telecom equipment to phasing out unsafe electrical appliances, have faltered when enforcement lagged, allowing grey-market channels to thrive. Without a robust, coordinated crackdown across customs, e-commerce, and retail, the risk remains that uncertified devices will continue to infiltrate India’s surveillance networks, undermining the policy’s core intent.
The STQC mandate, positioned as a crucial safeguard for India’s digital and physical security, has instead exposed deep fissures in policy design, execution, and industry readiness. While supporters argue that teething troubles are inevitable in such sweeping reforms, the scale of disruption, loss of business, and operational paralysis raises urgent questions about proportionality and preparedness. With critical market segments stalled, loopholes unaddressed, and foreign as well as domestic players struggling to adapt, India’s surveillance ecosystem stands at a crossroads. Whether this policy delivers long-term security or simply redefines the market’s power structure will depend on the course corrections made now.
