India Updates WPC Rules for IP Camera Software Compliance
7. May 2026India has introduced a revised framework affecting WPC certification compliance for IP cameras, following an updated circular issued by the Ministry of Electronics and Information Technology (MeitY) on February 2, 2026. The revision refines earlier guidance from November 2025 and focuses on software update timelines and security requirements for ER-certified devices. The updated WPC certification rules aim to provide manufacturers with greater flexibility while maintaining cybersecurity standards for connected surveillance equipment. IP cameras usually require WPC certification in order to be approved for import and sale in India.
Extended Firmware Update Deadlines and EoL Requirements
A key change in the revised circular concerns the management of End-of-Life (EoL) software libraries within device firmware. Under the previous regulation, manufacturers were required to update expired libraries within six months. This deadline has now been extended to one year from the date of expiry, offering additional time for original equipment manufacturers (OEMs) to implement necessary updates.
Despite the extended timeline, compliance expectations remain strict. Devices that continue to operate using outdated or unsupported libraries beyond the one-year limit will be classified as non-compliant. This adjustment reflects a balance between practical development timelines and the need to maintain secure, up-to-date firmware in connected devices.
The revised circular also clarifies the status of products undergoing certification testing. Devices submitted as samples will be considered compliant during evaluation, provided EoL updates are completed within the new one-year timeframe and no vulnerabilities are identified during testing or disclosed externally. This clarification reduces ambiguity in the certification process and helps streamline product approvals.
Continued Enforcement of Security and Testing Obligations
While timelines have been relaxed, MeitY has maintained strict requirements for addressing security vulnerabilities. Emergency fixes must still be implemented immediately upon identification, and manufacturers are required to submit an impact analysis within ten days. Laboratory verification remains mandatory to confirm the effectiveness of corrective actions.
Importantly, the revised notification reinforces that any vulnerability detected during testing or verification will result in the product being deemed non-compliant. This applies equally to devices under evaluation and those already certified, underscoring the regulator’s continued emphasis on cybersecurity resilience.
Overall, the revision introduces greater clarity and flexibility without altering the core compliance framework. Manufacturers exporting IP cameras to India must ensure robust firmware management processes and timely updates to meet WPC certification requirements. Further regulatory details may be referenced through official certification resources and compliance updates issued by relevant authorities.
WPC certification is necessary for wireless products in order to be used and sold in India.
The national broadcasting authority WPC (Wireless Planning & Coordination) is responsible for this certification, in order to regulate the issuing of issuing of amateur radio licenses and the allocation and monitoring of the frequency spectrum.
If you are interested in understanding what requirements are needed for your product to be imported into India, please do not hesitate to contact us by email or phone (Europe: +49-69-271 37 69 261, US: +1 773 654-2673). There is no cost or obligation for us to check for you. If a certification need is discovered we can provide a quotation to make sure that all your certification needs are covered.
For more information about WPC certification, please refer to our free brochure “WPC Certification Made Easy“.
