Anyone using the Internet should be aware of its dangers. Especially when connected to public WiFi, you're vulnerable to a number of threats, unless you happen to have a VPN. This creates a secure tunnel between your device and the Internet, encrypting your connection, concealing your IP address, and hiding your activities. But just how safe are they?
Those who are familiar with digital threats know that even the best tools aren't able to offer 100% protection. Accordingly, blanket statements about how secure a particular VPN is should be taken with a grain of salt, since experts prefer to speak about safety in terms of degrees.
In this guide, we'll let you know which advantages VPNs offer when it comes to security, their vulnerabilities, and how you can accurately assess how safe a VPN provider is.
VPN Provider Security Guarantee
Determining how secure a VPN is depends largely upon what it is that you intend to use it for. Right off the bat, VPNs aren't antivirus programs and will do nothing to stop you from downloading dangerous files or falling victim to phishing attempts. The same goes for Trojans, viruses, and other malware, all of which VPNs offer no defense against.
This is because the security a VPN provides is of a different nature, and has more to do with guarding your digital privacy when online. As such, VPNs do offer:
A shield from wandering eyes on public WiFi
Public WiFi networks offer particularly convenient staging areas for all sorts of digital snooping. For those with malicious intent, all that's needed is to connect to the same network, and with a minimum amount of effort, they'll be able to follow your activities. VPNs significantly complicate this.
Protection for your anonymity, both at home and on the go
Even though it's easy to follow someone's activities when connected to public WiFi, dangers also lurk on supposedly more secure Internet networks at home. There, you'll have to contend with both cybercriminals, as well as businesses and Internet service providers (ISPs), looking to earn a buck from your data. Using a VPN cuts off this channel of surveillance.
A digital disguise for journalists and dissidents
Journalists and dissidents don't only have to worry about cybercriminals and unscrupulous ISPs, but often, their own governments. Particularly in authoritarian countries, those with opposing views are prone to legal prosecution and worse. For that reason, VPNs can be a literal lifesaver, making it possible for dissidents or whistleblowers to communicate with each other, the media, or outside world.
Unfortunately, many use VPNs not for noble goals, but to engage in illegal activities. From downloads of copyrighted music, programs, and films, to purchasing narcotics, weapons, or even worse, the sad reality is that VPNs allow criminals to conceal their identity from authorities. Still, illegal activity remains illegal, even if conducted via VPN.
Should you intend or already use a VPN to enhance your digital security in one or more of these areas, you're more secure with it than without it. As mentioned above though, there's no such thing as total security, and each VPN service comes with its own risks.
VPN Risks: The Limits of Security
Security vulnerabilities arising from the use of VPN services can be grouped into a few different categories: Some are of a technical nature, whereas others depend on user behavior, and yet more are connected to your choice of provider.
When testing Phantom VPN by Avira, we identified a DNS leak.
Even if a VPN doesn't have any leaks, they're still not able to guarantee total security. Cybercriminals are highly creative and always find new ways to prey on victims. VPNs are relatively powerless against most web trackers and do little to prevent users from browser fingerprinting.
Reckless User Behavior
Contrary to popular belief, VPN tunnels do not mean that you can do whatever you want online once connected. Those who are unaware of the degree of protection VPNs do afford, are likely to paint larger targets on their backs than if they didn't use a VPN in the first place. The first general rule is that you should continue to adhere to the same security protocols and measures that you would when not using a VPN: Don't download/open email attachments, click on suspicious links, or respond to messages from strangers.
Even with a VPN, your privacy and anonymity can still be compromised. Should you log in to Google or Amazon while on a VPN connection, your behavior will be easily trackable.
There are countless VPN providers out there, but not all of them adhere to the same security standards. Shady or dubious services are particularly dangerous since by using them, you're handing over access to lots of sensitive and personal information. This is because a VPN provider serves as a conduit between you (and your data) and the Internet.
Accordingly, your privacy depends to a large extent upon how serious your VPN provider approaches security. Risks can arise owing to incompetence, as well as (technical) security vulnerabilities, or even malicious behavior since some VPN providers can actually be fronts for criminal groups that misuse data.
Below, we'll provide insight into the specific things to look for in a VPN service, in order to ensure that you benefit from the highest degree of security.
What Makes a VPN Safe?
Every VPN service is unique. Differences might exist in terms of features, usage, support, or even security standards. We recommend paying close attention to the following aspects, which we also assess in our reviews:
State of the art encryption & technical standards
There are certain technical prerequisites that each VPN worth its salt should have covered, namely encryption according to the highest standards and the usage of up-to-date VPN protocols.
Almost all VPN services promise not to save or store logs that might provide insight into user identity. However, you shouldn't take providers at their word, but instead, have a look at their Terms & Conditions and privacy policies. There, you'll be able to see which data they actually keep on file.
So far as Terms & Conditions are concerned, you'll have to content yourself with what is put to paper, since even then, a provider's actual practices can vary. To a certain extent, you should assume that your provider isn't telling the whole truth. One way to gain greater insight into how transparent your VPN is by consulting its most current third-party security audits. More and more VPNs have begun submitting to these, and you can be confident that such services are usually less likely to be engaged in shady practices.
Data leaks can strike even the most reputable and popular VPNs from time to time. When these occur frequently, chances are that the provider takes security less seriously than it should. To find out how your preferred service fares, you can use our DNS, IPv6, or WebRTC leak tools. We performed each test for every provider from our sample, and let you know in the individual review how the service performed.
A kill switch is one of the most integral security features of a VPN. It severs your Internet connection as soon as a disturbance in your VPN connection is identified. This prevents you from unknowingly surfing without the protection of your VPN tunnel.
Trustworthy parent company
Not every business has a good reputation. When it comes to VPNs, we recommend paying close attention to the company, business, or legal entity that owns the provider. A quick Internet search can usually tell you everything you need to know about who or what you're actually dealing with. Be wary of businesses that have been caught engaging in shady practices, selling user data, supplying information to authorities, or spreading malware.
These are just some of the most important security aspects to keep in mind when choosing a VPN. Now, you're likely wondering whether any of the services we reviewed fulfilled all of these criteria?
Which VPN Services Are Safe?
So, which VPN services are safe and which aren't? For all the reasons we've outlined above, it isn't possible to label any single service as either-or, since issues can arise even among the best. With thousands of servers around the world, potential issues can come about anywhere at any time.
In spite of this, there are a few VPNs that we would sooner trust our data with than others. Below, we'll introduce you to the best of these, which tick most of the security boxes we mentioned in the previous section. To be as objective as possible, we'll also call your attention to their security shortcomings:
First place in our ranking went to NordVPN, owing to its provision of what we consider to be the best VPN package on the market. We were impressed not only with its user-friendly apps and numerous features but also with its excellent speeds (likewise, first place in our ranking).
In terms of security, there isn't much to complain about: NordVPN possesses all of the technical features needed to ensure that you and your data are safe, promises not to compile traffic logs, and regularly submits to independent audits. We couldn't identify any leaks during testing either.
The company isn't perfect though. In 2018, one of its servers in Finland was targeted by hackers ⇱. While in and of itself, this wouldn't be a major issue, Nord only publicized the incident after a significant amount of time had passed. All the same, we rate NordVPN's security highly.
ProtonVPN takes transparency to another level, even when compared to its competitors already possessing high security standards. The provider's app is completely open-source, meaning that its source code is accessible to anyone (and can be checked accordingly). On top of that, the Swiss provider also offers a few extra security features, such as "Secure Core", which routes connections through an additional secure server, should your main VPN server encounters any sort of issue.
Security-conscious users might have some issues with Proton though. That company, which operates a secure email program (ProtonMail), was on the receiving end of negative headlines in 2021. They cooperated with French authorities, collecting and turning over a French climate activist's IP information to a court ⇱, ultimately leading to his arrest. The case is noteworthy since Proton is based in Switzerland, with the investigating and prosecuting law enforcement body being French. This means that the French police had to lodge a request with the help of Europol, which Swiss courts granted, legally mandating ProtonMail to cooperate. For VPN users, this could be an issue, since Swiss courts appear willing to subpoena Proton for privileged information.
ExpressVPN might be one of the priciest VPNs on the market, however, it is also one of the most user-friendly and well-performing, boasting a huge server network to boot. Its security standards are also high and backed up by regular independent security audits.
Since it was purchased by Kape Technologies in 2021, and that company has a bad reputation for having earlier been a malware spreader, we do have some doubts about the service. For people like Edward Snowden, the ties to Kape Technologies are reason enough to shy away from using it:
Edward Snowden bluntly advised his Twitter followers not to use ExpressVPN.
Despite its purchase by Kape, ExpressVPN continues to operate independently, with nothing having changed so far as its security standards are concerned. All the same, we're keeping an eye on them and would advise anyone considering using them to do the same.
The services listed above all offer relatively high security standards and performed well in our comprehensive EXPERTE.com assessment. However, as we've attempted to demonstrate, even the most secure VPN provider isn't without controversy. For that reason, we strongly advise doing your homework on whatever VPN you're considering booking a subscription with. Most of the time, you're safer online with a VPN than without one.
Whether or not a particular VPN is secure depends largely upon how you define security, what you intend to use the service for, and which provider you've selected. While they won't do anything against malware or phishing, you can rest assured that your digital privacy and anonymity are shielded. Especially if you're using public WiFi, VPNs are a must, even if they can't guarantee 100% security all of the time.
How well a VPN can ward off threats to your privacy depends upon which provider you select. Ideally, these should not collect logs or suffer from data leaks, while offering important features like a kill switch. Particularly important is that your VPN regularly submits to independent security audits.
At the end of the day, you'll be able to enjoy safer surfing with a reliable VPN provider than without one, however, issues can arise even then. For that reason, stay alert and don't rely solely on your VPN connection to take care of everything. Comprehensive reviews of 22 VPNs, including exhaustive assessments of their security, can be found in our VPN comparison.
VPNs serve as a sort of tunnel between your device and the Internet. They conceal your IP address and location while preventing others from snooping on your activities. When connected to public WiFi, this means that other users on the network can't see or follow what you're doing.