Ready to upgrade to compliant surveillance?
At Yendra Techno Solutions, we specialize in guiding businesses through this transition, ensuring you get STQC-certified CCTV systems installed with expert care.
Understanding STQC Certification – What Businesses Need to Know
In India, CCTV cameras have shifted from being a “good-to-have” security measure to a must-have for businesses, residential complexes, and public infrastructure. But while adoption grew rapidly, so did cybersecurity concerns. With over 80% of CCTV products in India relying on Chinese components and firmware, questions around data security, privacy, and foreign surveillance became unavoidable.
To address this, the Government of India introduced Standardization Testing and Quality Certification (STQC) — now mandatory for all CCTV cameras manufactured, imported, or sold in India. For businesses, this isn’t just a compliance requirement — it’s about protecting sensitive data and ensuring reliable security infrastructure.
This blog unpacks what STQC is, how it works, and why it matters for your business.
What is STQC?
The Standardization Testing and Quality Certification Directorate (STQC) was established in 1980 under the Ministry of Electronics and IT (MeitY) Originally set up to provide quality assurance for IT and electronics, it has evolved into India’s premier cybersecurity testing body.
For CCTV cameras, STQC certification is carried out under the IoT System Certification Scheme (IoTSCS), which evaluates whether surveillance devices meet the Essential Requirements (ER-01) for cybersecurity and reliability.
In short: STQC ensures that your CCTV cameras are not just recording video but doing so securely, without exposing your business to digital risks.
Why Did the Government Mandate STQC?
The mandate is a response to three major concerns:
- National Security Risks – Evidence showed that video data from some cameras was being transmitted to foreign servers, potentially accessible to foreign intelligence agencies
- Cybersecurity Threats – Vulnerabilities in CCTV firmware made them easy targets for hackers, who could remotely control cameras or access feeds.
- Supply Chain Weaknesses – Even Indian-branded cameras often relied on imported components, creating hidden risks in the system.
By making STQC certification mandatory, India ensures secure, tamper-resistant, and locally trusted surveillance systems.
The STQC Certification Process – Step by Step
Getting certified is not a quick formality — it’s a rigorous multi-stage evaluation:
Technical Construction File (TCF) Preparation
Manufacturers document every technical detail, including cryptography, secure boot, and supply chain processes.
Application & Allocation
The TCF is submitted to STQC, which assigns it to an empaneled lab for testing.
Testing Across Multiple Layers
Hardware Security – Secure boot, tamper resistance, disabling debug ports.
Firmware & Software – Code reviews, encryption (TLS), memory protection.
Process Conformance – Ensuring secure communication protocols, no hidden backdoors.
Supply Chain Verification – Checking component sourcing and documentation
Evaluation & Certification
Reports are reviewed by the Certification Committee.
If compliant, the product is awarded certification (valid for 3 years).
Surveillance Audits
Regular audits ensure compliance isn’t a one-time affair but a continuing standard.
Where Are the Tests Conducted?
STQC has built a nationwide network of 11 empaneled labs, including centers in:
Noida, Lucknow, Ghaziabad (U.P.)
Mumbai, Navi Mumbai, Pune (Maharashtra)
Bengaluru (Karnataka)
Faridabad (Haryana)
These labs perform penetration testing, encryption validation, and physical device inspections to ensure full compliance.
The Current Market – Who’s Certified?
As of September 2025, only five manufacturers have successfully obtained STQC certification.
Sparsh (Samriddhi Automation Pvt. Ltd.) – 27 models
Matrix Comsec – 23 models
Prama India – 6 models
CP PLUS (Aditya Infotech) – 5 models
Vicon Security Tech – 1 model
This shows how stringent the process is. Out of thousands of models in the Indian market, fewer than 70 are certified.
Why STQC Certification Matters for Your Business
If you’re a business, school, hospital, or residential complex in Bangalore, choosing STQC-certified CCTV systems isn’t optional anymore — it’s essential.
Here’s why:
✅ Compliance – Only certified systems can legally be sold post-April 2025.
✅ Cybersecurity – Protection from hacking, data leaks, and espionage risks.
✅ Trust – Assures your customers, employees, and stakeholders that their security is safeguarded.
✅ Future-Ready – STQC aligns with international standards like NIST and Common Criteria, making your system globally competitive.
Challenges Businesses Should Know
While STQC ensures safety, businesses must also be aware of some challenges:
Higher Costs – Certification and security features increase product pricing.
Limited Choice (for now) – With only a few certified vendors, options are restricted.
Transition Period – MSMEs and integrators may face delays in upgrading to compliant systems.
But in the long run, these are outweighed by stronger protection, reduced risks, and higher credibility.
Conclusion
STQC certification is not just a regulatory checkbox — it’s the backbone of India’s new approach to cybersecure surveillance. For businesses, it means investing in CCTV systems that are tested, trusted, and legally compliant.
