Jul 28, 2020, 10:17 am
What qualifies as a secure VPN? Many VPN companies advertise themselves as the most secure providers out there – so how believable are those claims? Well, ProPrivacy have already verified the most secure VPNs here, but here's what they focused on in their research.
The Features Every Secure VPN Needs
A VPN client is only as secure as the features it offers, and how well they're implemented. Here's what you need to check for if you require top-notch security in your day-to-day activities.
- Flexible encryption options – it's great if a VPN can offer you AES 256-bit encryption, since it's approved by the NSA for securing TOP SECRET-level information. However, such strong encryption can put a dent in Internet speeds for the average user. As such, it's great if your VPN client lets you switch to AES 128-bit encryption or to the IKEv2/IPsec protocol – almost as secure, but less resource-heavy.
- A kill switch – VPN providers strive for 100% uptime on their servers, but things are bound to go wrong even with the most capable hardware. When you experience connectivity issues with your VPN, the kill switch simply turns off all network traffic. This helps prevent any IP and data leaks to your ISP until the connection can be re-established.
- Perfect Forward Secrecy (PFS) – in the extremely unlikely event that your VPN gets hacked, PFS helps by frequently changing the key required to "unlock" your data and make it readable. As such, only the tiny portion of your data protected by a stolen key ends up exposed.
- VPN obfuscation – in countries where using a VPN is banned or heavily restricted, you'll need a provider with so-called "stealth servers." The fact that you're connected to a VPN is hidden from your ISP or anyone snooping on your connection, guaranteeing maximum privacy.
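The PFS point above can be seen in a small simulation. This is an added example, not code from the original article or from any VPN provider: it compares session keys derived from a long-term secret with keys from a fresh Diffie-Hellman exchange per session. The toy prime, the XOR cipher and all function names are assumptions made for illustration, and the authentication step a real handshake performs with the long-term key is left out.

```python
import hashlib
import secrets

P = 2**127 - 1       # toy prime, illustration only; real VPNs use 2048-bit+ groups or X25519
G = 3
MARK = b"VPN-DATA:"  # known plaintext prefix, lets us recognise a successful decryption

def kdf(*parts: bytes) -> bytes:
    return hashlib.sha256(b"|".join(parts)).digest()

def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with a SHA-256 counter keystream (encrypts and decrypts)."""
    stream = b"".join(kdf(key, bytes([i])) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def run_sessions(n: int, long_term: bytes, pfs: bool):
    """Simulate n sessions. Returns (wire, keys): what an eavesdropper records, and the real keys."""
    wire, keys = [], []
    for i in range(n):
        if pfs:
            # Fresh ephemeral DH secrets for every session, discarded afterwards.
            a, b = (secrets.randbelow(P - 3) + 2 for _ in range(2))
            pub_a, pub_b = pow(G, a, P), pow(G, b, P)
            public = pub_a.to_bytes(16, "big") + pub_b.to_bytes(16, "big")
            key = kdf(pow(pub_b, a, P).to_bytes(16, "big"))
        else:
            # No PFS: session key derived from the long-term secret and a public nonce.
            public = secrets.token_bytes(16)
            key = kdf(long_term, public)
        wire.append((public, xor_crypt(key, MARK + b"session %d traffic" % i)))
        keys.append(key)
    return wire, keys

def readable_with(wire, candidate_keys) -> int:
    """Count recorded sessions that decrypt correctly under any candidate key."""
    return sum(any(xor_crypt(k, ct).startswith(MARK) for k in candidate_keys)
               for _, ct in wire)

def after_long_term_theft(wire, long_term: bytes) -> int:
    """Holder of the stolen long-term secret re-derives keys from recorded public values."""
    return readable_with(wire, [kdf(long_term, public) for public, _ in wire])
```

Without PFS, the stolen long-term secret opens every recorded session; with PFS it opens none, and a single leaked session key opens only its own session.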
Optional, but Nice to Have
There are some extra features that aren't entirely necessary for a VPN to be considered secure, but are neat additions to the overall package. For example, some VPNs automatically block known malware, phishing, and ad tracking domains – which are a great threat to your privacy and security.
However, you can benefit from this functionality even if the provider doesn't support it. Simply use an all-purpose blocker like uBlock Origin or Privacy Badger, and you're set. You'll also be protected from most forms of script-based tracking, which a VPN can't exactly block by itself.
Other than that, multi-hop VPN is another great security feature, though it might be overkill for the average user. Basically, you chain two or more VPN servers together to shield your network data under multiple layers of encryption. This can also help against highly specific cyber attacks, such as traffic analysis. Unfortunately, multi-hop has the side effect of significantly slowing down your connection.
The Legal Aspects of a Secure VPN
VPNs are more than just software. You need to look at who the providers are, where they are based, and a host of other things if you want the best protection. To make things easier, here are some things you should consider in your research.
1. Does the Provider Log Your Activity?
2. Is Their Jurisdiction Privacy-Friendly?
If your VPN is based in a country with any sort of data retention laws, that's a huge red flag. This means they legally can't keep a "no-logs" policy, so they can't fully protect your privacy from potential government abuse.
Research the privacy laws of the country your provider is based in. At the very least, this will give you some idea of whether your VPN fights for your privacy or just for your subscription money.
3. Have They Been Audited or Had Their Security Tested?
Claiming that you keep no logs in your privacy policy is one thing – having those claims tested is another. Trust in your provider plays a big part in choosing a secure VPN, so this should remove any doubts. How can you verify this? Well, some providers recommended by ProPrivacy have been audited by independent cybersecurity firms – so keep an eye out for that.
Alternatively, you could check the news. Has your provider been involved in a government seizure of their servers like ExpressVPN? Has their no-logging policy been proven through court documents like in the case of Private Internet Access? Any such real-world scenarios are just as good (if not better) at proving your VPN's security claims as an independent audit.
Does this sound like too much info to go through? Then you could always check ProPrivacy's guide for some providers that tick every box.