India Puts a Cap on Chinese Cameras: Hikvision, Dahua, Certification, Surveillance, and the Uncomfortable Truth About IP Video Monitoring

The surveillance industry spent years living inside a comfortable illusion. A camera was treated as just that: a camera. A box on a wall, a lens, a stream, an archive, an app on your phone, a line item in the budget. At most, people argued about who had better night vision and less image noise. Those days are over. A camera is no longer just an eye. It is a networked computer with firmware, updates, chips of uncertain origin, remote access, and a very real chance of one day working for someone other than its owner.

India decided not to wait for that “one day.” Starting April 1, 2026, it is effectively choking off market access for Chinese internet-connected cameras, above all Hikvision and Dahua. Not theatrically, not with drumrolls, not with giant banners screaming “banned,” but in the grown-up way. Through mandatory security requirements, certification, scrutiny of component origins, and checks on embedded software. In other words, through the one thing the old surveillance market fears most: paperwork, technical transparency, and questions that actually matter.

Legally, the process looks neat and proper. India’s Ministry of Electronics and Information Technology laid down mandatory security requirements for surveillance cameras back in March 2024. After that, the country’s official standards, testing, and certification system issued procedures for evaluating and clearing cameras for the market. Then it added clarifications about supply chains, chip origin, embedded software, and related documentation. And that was the moment an industry that had spent decades selling cameras as if they were ordinary light bulbs with lenses suddenly discovered that the state wanted to know exactly what those bulbs were made of.

The real blow did not land on marketing or branding. It landed on the guts of the device. India’s rules require manufacturers to submit a technical dossier, describe the camera architecture, disclose the supply chain, confirm secure boot and secure update mechanisms, explain their cryptographic protections, and identify the origin of key chips and embedded software. On top of that, regulators are checking whether core computing components and firmware come from countries that share a land border with India. For part of the market, that was the end of the easy ride.

The old surveillance market loved simple magic. One factory builds the platform. A second one takes the same base. A third one slaps on a new badge. A fourth one talks about innovation. The shelf ends up full of brands, while under the lid sits the same family album. That is why India’s new system hits wider than it first appears. This is not just a blow to Hikvision and Dahua. It is a blow to the market model itself, the one that allowed companies to live for years off shared hardware platforms, stay vague about the origin of the internals, and sell the whole thing as a cutting-edge smart solution.

In practice, the picture is very simple. India does not need to publish a document saying “Hikvision and Dahua are banned.” It only needs certification rules that devices built on Chinese computing chips and Chinese embedded software cannot pass. The result is the same, just without the melodrama. The list of cleared manufacturers already includes names like Samriddhi Automation, Prama India, Aditya Infotech, Matrix Comsec, Vicon Security Tech, Equus Digital Solution, and Honeywell International India. Hikvision and Dahua are missing. Sometimes the silence of a list says more than any press release.

Why did India decide to go this deep into cameras in the first place? Because a camera is no longer consumer electronics. Cameras sit on roads, inside city systems, on warehouses, across logistics networks, on industrial sites, inside institutions, throughout transport infrastructure, and anywhere the words surveillance and security stopped being decorative. If that entire network is built on devices with opaque component origins, questionable update logic, and unclear control over the software stack, then this is no longer just a supplier choice. It becomes a question of digital sovereignty. And the state, it turns out, would rather not hand over its digital eyes to just anyone.

To people who still look at surveillance as just another commercial market, this may seem like India simply backing local manufacturers. Of course it is doing that too. It would be strange not to, given the size of the contracts involved. But that is not the whole story. The deeper issue is that network cameras stopped being innocent devices a long time ago. They are full-fledged network nodes. They see, sometimes hear, receive updates, talk to the cloud, store service data, and in a bad scenario become free sensors for somebody else.

And this is where Iran becomes impossible to ignore. The Iranian case is not a lyrical side note. It is a live demonstration of what poorly protected camera networks can become in a real conflict. In spring 2026, there were widely discussed reports that Israeli operators had used compromised street cameras in Tehran for surveillance and in preparation for operations against senior Iranian figures. According to those reports, the cameras helped track movement around key sites, reconstruct routes, read security patterns, and build up a picture of day-to-day activity in sensitive areas. In other words, digital eyes installed for control started working for the other side.

This is the moment the industry should have gotten a little nervous. Because the problem is not that someone, somewhere, watched a random parking lot feed. The problem is scale. When a country has thousands or tens of thousands of network cameras deployed, any systemic vulnerability, weak protection, outdated software, exposed interface, or openly forwarded RTSP stream stops being a small technical oversight and starts becoming a full-scale intelligence surface. And a very cheap one for the attacker. You do not need to place spies at every intersection if the camera owner already did that for you and then connected everything to the internet.

Iran plays a particularly grim role in this story. The state built a dense camera network as an instrument of internal control. After waves of protests, that network became even more important for monitoring streets, transport, and public spaces. But that same infrastructure, according to reports of hacks and leaks, turned out to be vulnerable itself. Footage from institutions surfaced. There were claims of thousands of cameras being compromised, along with leaks of video and internal data. The machinery of digital control turned out not to be a solid wall, but a pile of networked devices that could also be hacked, exploited, and flipped against the owner. The moral is an old one: if you build a system of total observation, you had better be ready for the day someone else starts observing you.

India’s regulators appear to have absorbed that lesson. They are now looking at a camera not as a chunk of metal with a lens, but as a bundle of casing, chips, embedded software, supply chain dependencies, and network behavior. The surveillance market does not enjoy speaking this language. It prefers glossy brochures, pretty screenshots, and megapixel tables. But that is no longer enough. Now it has to show where its components come from, how updates work, how secure the boot process is, and whether the device can prove it will not become someone else’s eyes on a critical site.

For integrators and customers, this means one unpleasant but useful thing. It is time to stop choosing cameras by the rule of “just make it cheap and let it show a decent picture.” That approach works right up until the first major surprise. And surprises come in many forms. Sometimes it is a mass vulnerability. Sometimes it is supply disruption. Sometimes it is incompatibility when the site expands. Sometimes it is a political decision that turns a familiar brand from an industry standard into a procurement headache overnight.

For the brands themselves, the situation is equally revealing. Hikvision and Dahua spent years symbolizing the era when the IP surveillance market grew on the back of affordable pricing, broad product lines, and sheer ubiquity. They are still giants. But that is exactly why they are taking the hardest hit. Big brands become the first targets when states start asking questions not about image quality but about trust. And those questions are not pleasant: where do the chips come from, who controls the embedded software, how do updates work, what protocols are being used, how transparent is the product lifecycle, and can the device be traced from factory floor to deployment site?

And this is where the surveillance market, after spending decades selling control, suddenly discovers that control has come for it. The irony is not subtle. It is reinforced concrete. An industry used to watching everyone else has found itself under the magnifying glass, and not just any magnifying glass, but the state’s. And the state, as everyone knows, does not ask whether you enjoy a supply chain audit. It sends over a form, a list of requirements, and an enforcement date.

What happens next is not hard to predict. Other countries will start paying closer attention to the origin of components in cameras, the embedded software stack, the possibility of remote control, the transparency of updates, and dependence on foreign technology chains. Not all of them will move as sharply as India. But the direction is already clear. A camera is no longer treated as a harmless box. It is now part of network security, information security, and in some cases national security.

That is why India’s move matters far beyond India. This is not just a bad day for Hikvision and Dahua. It is a sharp kick to the entire industry. A reminder that the age of carefree IP cameras, internet-exposed services, murky firmware, and blind faith in “it just shows a picture” is over. From now on, every lens comes bundled not only with an image sensor, but with a harder question: who else might be looking through it?