Verkada cameras are designed in San Mateo, California and manufactured primarily in Taiwan through contract manufacturing partners. The software and firmware are developed in the United States; the physical hardware is built by ODM manufacturers to Verkada's specifications. For most buyers, that's where the story ends. For buyers in government, education, or federally funded programs, it's where the evaluation begins.
Country of origin determines NDAA Section 889 compliance, TAA eligibility, and other purchasing requirements that apply to your organization before a purchase order is signed. Getting it wrong doesn't show up as a problem at the point of purchase. It shows up during a contract review, a funding audit, or a bid process, after the cameras are already installed.
This guide covers where Verkada cameras are manufactured, their NDAA and TAA status, SKU-level details to verify before purchasing, and a framework for applying the same due diligence to any vendor on your shortlist.
Where Verkada Cameras Are Manufactured
Verkada is a US-based physical security company that designs its cameras in San Mateo, California and manufactures them primarily in Taiwan through contract partners. Its country of origin for design and engineering purposes is the United States; the physical hardware is built overseas to Verkada's specifications.
The model is ODM (Original Design Manufacturer): Verkada designs the hardware, writes and owns all firmware, and defines the security architecture. A Taiwanese contract manufacturer produces the enclosures and electronics per Verkada's blueprint. The product isn't jointly owned or co-developed. The factory builds to spec; Verkada owns what ships.
This structure is standard for the category. Axis, for example, develops its own software and hardware designs and uses contract manufacturers across Thailand, Sweden, and other locations. The brand owns the product; the contract manufacturer owns the floor. Verkada operates the same way.
Who Actually Makes Verkada Cameras? (Vivotek)
Verkada refers publicly to its “manufacturer partners” without naming them. Within the surveillance industry, Vivotek, a Taiwanese surveillance manufacturer, is widely identified as the ODM behind Verkada's hardware. This is an industry-reported attribution, not an official Verkada disclosure.
Vivotek has manufactured video surveillance hardware in Taiwan since 2000 and operates both a branded product line and an ODM business. In a typical ODM arrangement, the customer's devices are fully proprietary: the manufacturer's own firmware does not run on them, and the manufacturing process includes loading the ODM customer's firmware instead.
For IT procurement, what matters is who controls the firmware and the data path. On both counts, that's Verkada.
Are Verkada Cameras NDAA and TAA Compliant?
Yes, with an important qualifier: NDAA and TAA compliance attach to specific models, not to Verkada's full product catalog.
Verkada's government-grade cameras are FIPS 140-2 validated and compliant with TAA and the FY2019 NDAA. Those designations apply only to models in the government-grade line. Before any procurement involving federal funds or federal contract obligations, verify the exact SKU against Verkada's government solutions documentation, which lists which models carry TAA compliance.
A quick note on these two standards, since they get conflated: NDAA Section 889 is about keeping banned Chinese technology out of the supply chain. TAA is about where the final product is manufactured: it must be produced or substantially transformed in the US or a TAA-designated country. Taiwan is a TAA-designated country, which is why Verkada's Taiwan manufacturing doesn't create a TAA problem. The two standards are asking different questions; you need to know which one, or both, applies to your procurement case.
Why Camera Country of Origin Matters for Buyers
The reach of NDAA Section 889 is wider than most buyers expect, and the consequences of getting it wrong show up at the procurement stage, not after.
Agencies and Contractors in the Federal Supply Chain
Section 889 compliance is a procurement requirement for federal agencies, contractors, and subcontractors alike (not optional, and not limited to the prime contractor). Verify that any camera system meets Section 889 requirements before you buy to avoid disqualification during contract reviews, audits, or future bids.
E-Rate-Funded Schools and Federally Funded Institutions
Schools, colleges, and universities receiving E-Rate or other federal funding should evaluate camera compliance before deployment. A non-compliant system can create reimbursement risks and complicate future funding applications. For research institutions, compliance obligations can affect campus-wide security infrastructure.
Healthcare Organizations with Federal Program Relationships
Organizations participating in Medicare, Medicaid, or other federally funded healthcare programs should include physical security systems in their compliance review process. Section 889 concerns aren't limited to patient data systems. Cameras installed in common areas, entrances, parking lots, and administrative buildings can also fall under scrutiny.
Private-Sector Organizations with Indirect Federal Ties
Subcontractors, grant recipients, and businesses operating within federally regulated industries can face the same procurement requirements as government entities. If there's any possibility of a federal funding, grant, or contract relationship, validate compliance before purchasing.
Discovering a compliance problem after equipment is installed, integrated, and tied to a contract or funding requirement is far more expensive to fix than verifying origin before you buy.
How to Evaluate Any Camera Vendor's Country of Origin
Origin due diligence is only as good as the questions behind it. A brand name, a headquarters city, and an “NDAA-compliant” badge on a product page aren't a complete evaluation. The following framework works for any vendor on your shortlist.
Establish Design Origin and Manufacturing Origin as Separate Facts
These two answers rarely match, and treating them as one is how misconceptions spread. Design origin tells you where the hardware is specified, the firmware is written, and the software architecture is owned (the factors that matter most for data sovereignty). Manufacturing origin tells you where the physical unit was assembled, which is what TAA analysis turns on. Get both answers explicitly, in writing, before procurement.
Verify Components, Not Just Assembly Location
The surveillance market has a well-documented OEM-relabel problem: cameras assembled in compliant countries, sold under non-Chinese brand names, with chipsets or wireless modules from banned manufacturers. Section 889 is not satisfied by a clean assembly location if the components inside fail the test.
Ask vendors specifically about the origin of the chipsets and processing modules in the device. If a vendor's compliance documentation doesn't go to the component level, ask why.
Verify the Specific SKU, Not the Brand
NDAA compliance and TAA compliance are both model-specific. A single product catalog can contain compliant and non-compliant SKUs, and a brand-level compliance claim tells you nothing about which is which. Take the exact model number you're buying, run it against the vendor's compliance documentation, and get confirmation in writing if the documentation isn't explicit.
Determine Who Controls the Firmware and Where Data Is Processed
Find out who develops and maintains the firmware to understand how software updates are delivered and whether they can be pushed remotely. Verify where video data is processed and stored, and confirm which legal jurisdiction governs that data and any related security obligations.
A vendor with a strong compliance posture will answer all four questions at the model level. If responses stay at a high level, avoid specifics, or rely on broad brand-wide claims, keep investigating before committing.
How Coram Compares on Manufacturing and Compliance
Coram is a US-based company with NDAA-compliant video surveillance hardware, SOC 2 Type II audited and HIPAA compliant, with video data processed under US data sovereignty. One practical difference for organizations in this evaluation: Coram works with more than 1,000 existing IP camera models, so compliance-sensitive buyers don't have to evaluate hardware procurement alongside software. If your existing cameras are already in a compliant supply chain, Coram lets you keep them.
For a full breakdown of Coram's origin and compliance positioning against other vendors, see this comparison of non-Chinese security cameras.
