TP-LINK CONTINUES TO PROVIDE SECURE PRODUCTS ACROSS AMERICA
- It’s business as usual at TP-Link. TP-Link products continue to be sold in the United States. Customers can continue to place orders for TP-Link products here and around the globe.
- Contrary to reports, we continue to do what we do best: supply secure and high-quality products to customers in the United States and beyond. TP-Link is open for America.
- Security is at the heart of TP-Link’s product strategy and corporate ethos.
- As a U.S. company, no government – including China – has access to or control over the design and production of our products.
- Our products and operations do not pose any threat to U.S. national security.
HERE ARE THE FACTS
- Vulnerabilities exist across the networking and communications industry. TP-Link can demonstrate its commitment to security through our track record of concrete actions and measurable results, which match or surpass those of our main competitors.
- TP-Link’s average weighted CVSS score—an industry-standard metric for vulnerability severity—and other objective security metrics are fully in line with that of other leading manufacturers. Full details and analysis are available on our Security Commitment webpage.
- Our product security team works with accredited third-party security labs to scrutinize our products and help us identify, prioritize, and promptly address potential vulnerabilities before they affect our customers.
- TP-Link carefully controls its supply chains, implements rigorous secure product development and testing processes, and takes timely and appropriate action to mitigate any vulnerabilities we become aware of.
- Since 2018, TP-Link has manufactured U.S.-destined networking products at a TP-Link-owned factory in Vietnam.
- Manufacturing products in our own factories with our own employees provides another layer of security and governance for the supply chain serving U.S. consumers.
- TP-Link is constantly assessing potential risks to its U.S. operations, customers, and supply chain.
TP-LINK: MYTHS VS. REALITY
| MYTH | REALITY |
|---|---|
|
"TP-Link is a Chinese company." |
TP-Link is a U.S. company, headquartered in Irvine, CA, and 100% owned by co-founder Its owners reside in California. TP-Link is a U.S. company headquartered in Irvine, California; its U.S. operations own and direct the global TP-Link business. Jeffrey Chao, the company’s founder, CEO, and owner, resides in Irvine. The company’s global operations are controlled by senior management in the United States, and the company’s infrastructure and U.S. user data are secured and located in the United States. TP-Link has split from and no longer has any affiliation with TP-LINK Technologies Co., Ltd. Despite having similar names, these companies have entirely different ownership, management, and operations. |
|
"TP-Link is a state-sponsored company." |
No government – including the PRC – has access to and control over the design and production of TP-Link routers. |
|
"TP-Link is slow to fix vulnerabilities." |
TP-Link’s response rates for addressing vulnerabilities it becomes aware of are well within industry norms. TP-Link has a proactive approach to security, including internal penetration testing, continuous monitoring, and partnerships with U.S.-based independent security firms for third-party audits. TP-Link takes vulnerability reports seriously and promptly troubleshoots and patches vulnerabilities it becomes aware of. This process may involve substantial follow-on work with security researchers who report vulnerabilities. |
|
"TP-Link is using predatory pricing to displace trusted alternatives." |
TP-Link is focused on delivering innovative, reliable, and secure products. We have earned the trust of our customers through years of significant growth and consistent high rankings by third parties. Unlike competitors, TP-Link owns its manufacturing and R&D operations, enabling cost savings and enhanced control over the security of our vertically integrated supply chain. We offer a wide range of products that cater to all levels of consumers, from budget-friendly to premium, unlike competitors who may focus on the premium market. We do not sell products below cost. As a U.S. company, TP-Link embraces fair competition. |
|
"TP-Link products can be exploited by state-sponsored actors." |
TP-Link is not a state-sponsored company, has no “deep ties” to, and is completely independent from the Chinese government and the Chinese Communist Party. According to all publicly available information, Chinese threat actor campaigns (including Volt Typhoon, Salt Typhoon, and Flax Typhoon), cybercriminals, and hacktivist groups have no discernible preference for using TP-Link routers as a vector. These actors have targeted a wide range of routers, from several different manufacturers, where the device owners have failed to update their software and left known, publicly reported vulnerabilities available for these actors to exploit. |
WE’RE HERE FOR THE LONG HAUL
- TP-Link will continue to work with the Commerce Department – as we have for over a year – to ensure that we can continue serving American customers with secure network security devices far into the future.
- TP-Link strives to be a leader in IoT and networking security, while acknowledging that security is never final and always evolving.
- By working with industry experts, embracing government guidance and standards, and maintaining an unwavering focus on improvement, we ensure that our customers can trust our devices, today and in the future.
- All core product and data security functions across TP-Link are handled within the United States, with clear accountability to U.S. leadership and oversight structures.