Beyond those two factors, it’s difficult to make blanket statements about what makes a trustworthy VPN. At the bare minimum, a good VPN provider should not collect and keep any logs of its customers’ browsing history. If it does, that puts your privacy at risk should someone access (or even release) those logs without authorization. But deciding when to a trust a logging policy isn’t easy. As the EFF points out, “Some VPNs with exemplary privacy policies could be run by devious people.” You don’t need to have done anything illegal to prefer that law enforcement and criminals alike not have access to a browsing history that may include your bank, medical websites, or that one thing you looked at around 2 a.m. that one time.
To verify that each service effectively hid our true IP address, we looked at a geolocation tool, DNS leaks, and IPv6 leaks. When connected to each service’s UK servers, we noted whether we could watch videos on BBC iPlayer, and using US servers we noted whether we could stream Netflix. We also visited the sites of Target, Yelp, Cloudflare, and Akamai to check whether our VPN IP addresses prevented us from accessing common sites that sometimes blacklist suspicious IP addresses.
IVPN excels at trust and transparency, the most important factors when you’re choosing a virtual private network. After interviewing IVPN’s CEO, we’re convinced that IVPN is dedicated to its promises not to monitor or log customer activity. But a trustworthy VPN is only as good as its connections, and in our tests IVPN was stable and fast. IVPN apps are easy to set up and use with secure OpenVPN connections on Windows, macOS, Android, iOS, plus a few other platforms. Extra features like automatic-connection rules and kill switches to block data on unsecured connections add protection and value that make it worth a slightly higher price than some competitors.
The solution is downloadable and supports platforms such as OS X, Windows and Linux. Mobile systems like Android and iOS are also supported. These capabilities enable users to use the product on desktops, laptops, smartphones or tablet computers. The software can also be downloaded onto network routers, ensuring that all devices connected to such routers enjoy the same level of protection.
A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network.
Protocol: When you’re researching a VPN, you’ll see terms like SSL/TLS (sometimes referred to as OpenVPN support,) PPTP, IPSec, L2TP, and other VPN types. We asked Samara Lynn, Lead Analyst for Networking and Small Business at PCMag, whether or not a user shopping for a VPN should shop for one over another. “SSL is what is commonly used these days. All of these protocols will provide a secure connection,” she explained, and pointed out that most solutions are invisible to the end-user anyway. Strictly, each protocol has its benefits and drawbacks, and if you’re concerned about this (specifically, PPTP vulnerabilities,) you’re probably already aware of them. Most users don’t need to be concerned about this—corporate users on the other hand, are probably all using IPSec or SSL clients anyway.
Security when connecting to public Wifi networks: Many people use public Wifi networks – You can find them in airports, cafes, bars and public libraries for example. People use these Wifi networks freely and without any forethought for their security. How do you know that network is secure? How do you know there isn’t someone attempting to break into that network? A VPN can be used to securely connect to a Wifi network and protect your data integrity. Learn More
Some VPNs will also let you define the specific context in which the VPN functions. TunnelBear VPN, in particular, lets you mark a network as trusted and will only activate when you're not connected to one of these trusted networks. This will protect you from bad guys, but it will leave you open to tracking and surveillance by governments and your ISP when you're on trusted networks.
Servers – PIA has a strong server infrastructure, and it comprises almost 3,800 servers. However, the geographical spread of the servers is limited to only 33 countries. This is a little surprising since PIA has been in the VPN business for over 8 years now and is one of the most reputed brands. Yet, it is understandable since PIA only uses physical servers in its network, in contrast to other VPNs that use a combination of physical and virtual servers. Thus, from the performance and security point of view, this is a positive quality of PIA, since physical servers are more reliable and offer stable connectivity in a way that virtual servers simply cannot.
Update: We’ve received some feedback that 10Mbps is too slow to get good test results. We would argue that 10Mbps is quite average for home internet across the world, and we run tests for average people. While our tests might not be a good indication of speed if you’re paying for a 50 Mbps or 100 Mbps connection, the results are varied enough to get a statistically significant indication of overall performance. Furthermore, all the VPNs on the list officially offer unlimited bandwidth, so if you happen to be on an uncongested nearby server, chances are you’ll still be able to max out your available bandwidth. Finally, there is no point in having a fast VPN if it is unstable, doesn’t protect your privacy, doesn’t unblock the content you want, or doesn’t have a good range of servers to connect to. We excluded providers like TotalVPN which were very fast but had awful customer service, for example.
The IVPN app's default settings are great for most people, who should be happy just smashing the Connect button and not fiddling with settings. On a desktop or an Android device, the company supports only the OpenVPN protocol we recommend and uses AES 256-bit encryption (what we consider the standard at this point). Our budget pick, TorGuard, defaults to the weaker (but also acceptable) AES 128-bit encryption unless you manually change it.
The bad news for anyone used to free services is that it pays to pay when it comes to a VPN. There are tons of free options from reputable companies, but these are usually a poor substitute for the paid options. Free services usually allow a limited amount of bandwidth usage per month or offer a slower service. Tunnel Bear, for example, offers just 500MB of free bandwidth per month, while CyberGhost offers a free service that is significantly slower than its paid service.
Most VPNs won’t keep any logs of user activity. Not only is this of benefit to their customers (and a great selling point) it’s also of huge benefit to them (as detailed logging can quickly consume disk after disk worth of resources). Many of the largest VPN providers will tell you as much: not only do they have no interest in keeping logs, but given the sheer size of their operation they can’t even begin to set aside the disk space to do so.
Whether you’re you’re sick of your ISP throttling your connection, you want to secure your browsing sessions while on the road, or you just want to download whatever the heck you want without the man on your back, there’s no substitution for a securely deployed Virtual Private Network. Now that you’re armed with the knowledge necessary to pick a good VPN (and with three solid recommendations at that), it’s time to secure your internet traffic once and for all.
We used to advise people to do banking and other important business over their cellular connection when using a mobile device, since it is generally safer than connecting with a public Wi-Fi network. But even that isn't always a safe bet. Researchers have demonstrated how a portable cell tower, such as a femtocell, can be used for malicious ends. The attack hinges on jamming the LTE and 3G bands, which are secured with strong encryption, and forcing devices to connect with a phony tower over the less-secure 2G band. Because the attacker controls the fake tower, he can carry out a man-in-the-middle attack and see all the data passing over the cellular connection. Admittedly, this is an exotic attack, but it's far from impossible.
We're not cryptography experts, so we can't verify all of the encryption claims providers make. Instead, we focus on the features provided. Bonus features like ad blocking, firewalls, and kill switches that disconnect you from the web if your VPN connection drops, go a long way toward keeping you safe. We also prefer providers that support OpenVPN, since it's a standard that's known for its speed and reliability. It's also, as the name implies, open source, meaning it benefits from many developers' eyes looking for potential problems.