Anyone using the Internet should be aware of its dangers. Especially when connected to public WiFi, you're vulnerable to a number of threats, unless you have a VPN. This creates a secure tunnel between your device and the Internet, encrypting your connection, concealing your IP address, and hiding your activities. But just how safe are they?
Those who are familiar with digital threats know that even the best tools aren't able to offer 100% protection. Blanket statements about how secure a particular VPN is should be taken with a grain of salt since experts prefer to speak about safety in terms of degrees.
In this guide, we'll let you know which advantages VPNs offer when it comes to security, their vulnerabilities, and how you can accurately assess how safe a VPN provider actually is.
VPN Provider Security Guarantees
Determining how secure a VPN is depends largely upon what it is that you intend to use it for. VPNs aren't antivirus programs and will do nothing to prevent you from downloading dangerous files or falling victim to phishing. The same goes for Trojans, viruses, and other malware.
This is because the security a VPN provides is of a different nature, and has more to do with your digital privacy. VPNs do offer the following security benefits:
A shield from wandering eyes on public WiFi
Public WiFi networks are ideal for all sorts of digital snooping. For anyone with malicious intent, all that's needed is to connect to the same network, and with a minimum amount of effort, they'll be able to follow your activities. VPNs significantly complicate this.Protect your anonymity anywhere
Even though it's easy to follow someone's activities when connected to public WiFi, dangers also lurk on safer Internet networks at home or work. There, you'll have to contend with both cybercriminals, as well as businesses and Internet service providers (ISPs), looking to earn a buck from your data. Using a VPN cuts off this channel of surveillance.A digital disguise for journalists and dissidents
Journalists and dissidents don't only have to worry about cybercriminals and unscrupulous ISPs, but often, their own governments. Particularly in authoritarian countries, anyone with an opposing view is prone to legal prosecution and worse. For that reason, VPNs can be a literal lifesaver, making it possible for dissidents or whistleblowers to communicate with each other, the media, or the outside world.Legal protection
Many people do not use VPNs for noble goals, but to engage in illegal activities. From downloading copyrighted music, programs, and films, to purchasing narcotics, weapons, or even worse, the sad reality is that VPNs allow criminals to conceal their identity from authorities. Still, illegal activity remains illegal, even if conducted via VPN.
Should you intend or already use a VPN to enhance your digital security in one or more of these areas, you're more secure with it than without it. As mentioned above though, there's no such thing as total security, and each VPN comes with its own risks.
VPN Risks: The Limits of Security
Security vulnerabilities from VPN use can be grouped into a few different categories: Some are of a technical nature, others depend on user behavior, and yet more are connected to your choice of provider.
Technical Vulnerabilities
Even the best VPN provider cannot guarantee your digital anonymity 24 hours a day. Sometimes, DNS, IPv6, or WebRTC leaks can emerge. These temporarily negate the protection afforded by your VPN tunnel, compromising your privacy and anonymity.
When testing Phantom VPN by Avira, we identified a DNS leak.
Even if a VPN doesn't have any leaks, they're still unable to guarantee total security. Cybercriminals are highly creative and always find new ways to prey on victims. VPNs are relatively powerless against most web trackers and do little to prevent browser fingerprinting.
Reckless User Behavior
Contrary to popular belief, VPN tunnels do not allow you to do whatever you want online. Anyone who thinks this will likely paint a bigger target on their back than if they didn't use a VPN. The first general rule is that you should behave just as you would if you weren't on a VPN: Don't download/open email attachments, click on suspicious links, or respond to messages from strangers.
Even with a VPN, your privacy and anonymity can still be compromised. Should you log in to Google or Amazon while on a VPN connection, your behavior will be easy to track.
Dubious Providers
There are countless VPN providers out there, but not all of them adhere to the same security standards. Shady services are particularly dangerous since by using them, you're handing over access to lots of sensitive and personal information. This is because a VPN provider serves as a conduit between you (and your data) and the Internet.
Accordingly, your privacy depends to a large extent upon how seriously your VPN provider approaches security. Risks can arise owing to incompetence, as well as (technical) security vulnerabilities, or even malicious behavior. This is because some VPN providers are actually fronts for criminal groups that misuse data.
Below, we'll provide insight into the specific things to look for in a VPN to ensure that you benefit from the highest degree of security.
What Makes a VPN Safe?
Every VPN service is unique. Differences might exist in terms of features, usage, support, or even security standards. We recommend paying close attention to the following aspects, which we also assess in our reviews:
Cutting-edge encryption & technical standards
There are certain technical prerequisites that each VPN should offer, such as state-of-the-art encryption and up-to-date VPN protocols.No-log guarantee
Almost all VPN services promise not to log user data or activity. Don't take any provider at their word until you've checked their Terms & Conditions and privacy policies. There, you'll be able to see which data they actually keep on file.Regular audits
So far as Terms & Conditions are concerned, you'll have to content yourself with what's written down. It's healthy to assume that your provider isn't telling the whole truth. To find out for yourself, read its most current third-party security audits. More and more VPNs have begun participating in these. Services that do are less likely to be engaged in shady practices.No leaks
Data leaks can impact even the most reputable and popular VPNs from time to time. When these occur frequently, chances are that the provider isn't as security conscious as it should be. Use our DNS, IPv6, or WebRTC leak tools to see how your favorite services perform. We tested every provider from our sample for these, and let you know in the individual reviews how well each service did.Kill switch
A kill switch is one of the most essential security features of a VPN. It severs your Internet connection as soon as your VPN connection is disrupted. This prevents you from unknowingly surfing without your VPN tunnel's protection.Trustworthy parent company
Not every business has a good reputation. When it comes to VPNs, pay close attention to the company or legal entity that owns the provider. A quick Internet search can usually tell you everything you need to know about who or what you're actually dealing with. Be wary of those with a shady past, such as selling user data, supplying information to authorities, or spreading malware.
These are just some of the most important security aspects to keep in mind when choosing a VPN. Now, you're likely wondering whether any of the services we reviewed fulfilled all of these criteria. Let's find out.
Which VPNs Are Safe?
So, which VPNs are safe and which aren't? For all the reasons we've outlined above, it isn't possible to label any single service as one or the other, since issues can arise even among the best. With thousands of servers around the world, potential issues can happen anywhere at any time.
Still, there are a few VPNs that we would prefer to trust our data with. Below, we'll introduce you to the best of these, which tick most of the security boxes we mentioned in the previous section. To be as objective as possible, we've also highlighted their security lapses:
NordVPN
First place in our ranking went to NordVPN, owing to what we think is the best VPN package on the market. We were impressed not only with its user-friendly apps and variety of features but also with its excellent speeds (first place in our ranking).
In terms of security, there isn't much to complain about: NordVPN possesses all of the technical features needed to ensure that you and your data are safe, promises not to log traffic, and regularly submits to independent audits. We couldn't identify any leaks during testing either.
The company isn't perfect though. In 2018, one of its servers in Finland was targeted by hackers. While in and of itself, this wouldn't be a major issue, Nord only publicized the incident after a significant amount of time had passed. All the same, we rate NordVPN's security highly.
Surfshark
Surfshark isn't just one of the quickest and most affordable VPNs on the market, it's also one of the safest. The service's Privacy Policy is solid, they regularly submit to independent security audits, and we were unable to identify any leaks during testing. Rounding things out, we aren't aware of any scandals or issues in the company's corporate history.
ProtonVPN
ProtonVPN takes transparency to another level: The provider's app is completely open-source, meaning that its source code is accessible to anyone (and can be checked). On top of that, the Swiss provider also offers a few extra security features, such as "Secure Core", which routes connections through an additional secure server, should your main VPN server encounter any issues.
Security-conscious users might have some issues with Proton though. That company, which operates a secure email program (ProtonMail), was on the receiving end of negative headlines in 2021 for its cooperation with French authorities. For VPN users, this could be an issue, since Swiss courts appear willing to subpoena Proton for privileged information.
ExpressVPN
ExpressVPN is one of the priciest VPNs on the market, but also among the most user-friendly and well-performing, boasting a huge server network. Its security standards are also high and backed up by regular independent security audits.
We do have some doubts about the service though: It was purchased by Kape Technologies in 2021, a company that was earlier a malware spreader. For people like Edward Snowden, the ties to Kape Technologies are reason enough to shy away from using it:
Edward Snowden bluntly advised his Twitter followers not to use ExpressVPN.
Despite its purchase by Kape, ExpressVPN continues to operate independently, with nothing having changed so far as its security standards are concerned. All the same, we're keeping an eye on them and would advise anyone considering them to do the same.
The services listed above all offer top-notch security and performed well in our comprehensive EXPERTE.com test. However, as we've shown, even the safest VPN provider isn't without controversy. For that reason, we strongly recommend doing your homework on whatever VPN you're considering booking a subscription with. Most of the time, you're safer online with a VPN than without one.
Conclusion
Whether a particular VPN is safe depends largely on how you define security, what you intend to use the service for, and which provider you've selected. While they won't do anything against malware or phishing, your digital privacy and anonymity will be shielded. Especially if you're using public WiFi, VPNs are a must, even if they can't guarantee 100% security.
How well a VPN fends off threats to your privacy depends upon which provider you choose. Ideally, these shouldn't log your traffic, behavior, or data, or have any leaks, while offering important features like a kill switch. Particularly important is that your VPN regularly submits to independent security audits.
At the end of the day, you'll be able to enjoy safer surfing with a reliable VPN provider than without one, but that doesn't mean issues won't arise. For that reason, be cautious and don't rely on your VPN connection to take care of everything. Comprehensive reviews of 27 VPNs, including exhaustive assessments of their security, can be found in our VPN comparison.
FAQs
VPNs act as a tunnel between your device and the Internet. They conceal your IP address and location while preventing others from snooping on your activities. When connected to public WiFi, this means that other users on the network can't see or follow what you're doing.
The security of a VPN connection depends upon its operator. A VPN provider must fulfill certain technical prerequisites by offering things like state-of-the-art encryption standards. Beyond that, they shouldn't save or store any data that could identify users, and in a perfect world, will regularly submit to independent security audits. Even then, 100% security is illusory. Still surfing with a VPN is safer than without one.
Yes, VPN connections can and have been hacked. At the same time, the likelihood that a powerfully-encrypted VPN connection will be hacked is much lower than a regular Internet connection.
