Last Updated: January 4, 2022
Privacy is the primary motivation for using a virtual private network (VPN). But cybersecurity is an important concern too.
So, are VPNs safe? Keep reading to find the truth about VPN safety.
What Is VPN?
At the most basic level, VPNs are supposed to do two things. One is to spoof your location when connecting to the internet. The other is to hide your traffic data – including your Domain Name System (DNS) requests – using cryptography.
If you use a VPN that does its job as intended, you’ll be able to:
- bypass geo-restrictions
- download torrents
- play games anonymously
- surf the Web
Your internet service provider (ISP) won’t be able to monitor your browsing activity.
Are VPNs Safe?
Most of them.
Some of them may leak out your data streams to third parties.
They Belong to Dubious Owners
A VPN is only as trustworthy as its owner. It can sometimes be difficult to check the credibility of a company, however.
From a cybersecurity point of view, a VPN run by an unknown entity doesn’t inspire confidence.
Furthermore, some VPNs are actually sister brands.
Are VPNs safe when controlled by just one company?
If you’re avoiding a particular organization due to its controversial past or origin, you may still wind up using a service it provides.
They Collect and Sell Your Data
The VPN vendors that blatantly or aggressively display ads are likely monitoring your browsing activity. They aim to profile you the way Google and Facebook do.
Installing a VPN that gathers and offers your traffic data to the highest bidder isn’t exactly secure. Its database is prone to hacking and may ultimately reveal your personal information to identity fraudsters.
This is common among free services.
So, is VPN safe when there’s a fee involved? Not necessarily, but at least you know how it makes money.
They Install Malware
As crazy as it sounds, some VPNs can and will infect your device with bugs. Most of the time – for advertising purchases. But some offenders take it too far.
There are VPN vendors that subtly use your device’s processing power for profit, stealing your bandwidth in a way. They allow other users to browse the internet through your Internet Protocol (IP) address. So, they make you accountable for any sketchy action others may commit online.
In fairness, some malware-infecting VPN vendors admit they do it. So, read the fine print first.
They Can’t Encrypt Your IP Address and DNS Requests Consistently
Any vendor guilty of IP and/or DNS leaks isn’t worth the trouble. These VPN security issues defeat the whole purpose of using a privacy tool, free or paid.
That’s why you ought to run tests first. Perform one before and then after turning on the app. These tests only take seconds to complete, so don’t skip them.
They Use Questionable Protocols
Some VPN vendors still use obsolete tunneling protocols, which are a cybersecurity disaster waiting to happen. Point-to-Point Tunneling Protocol (PPTP) is an excellent example.
Outdated sets of processes for packaging and transmitting traffic data may involve weak encryption. Snoopers can exploit this vulnerability.
Moreover, not all protocols with no known major VPN internet security weaknesses are guaranteed to be safe. For instance, Layer 2 Tunneling Protocol over Internet Protocol Security (L2TP/IPSec) is linked to the National Security Agency. The Secure Socket Tunneling Protocol (SSTP) was originally developed by Microsoft.
Are VPNs safe if they don’t support any of the said tunneling protocols? Maybe, maybe not.
With the exception of PPTP, any distrust of L2TP/IPSec and SSTP usually stems from speculation. We have no solid evidence that they have covert backdoors. But it helps to have more trusted options, such as OpenVPN and WireGuard, to choose from.
They Keep Activity Logs
Disreputable encrypted VPN service providers keep a record of the activity of their users. Logs are an invitation for trouble, for they attract cybercriminals. Governments can likewise use these records to investigate parties that use VPNs for illegitimate reasons.
They Play Ball With Repressive Governments
Some countries either ban or restrict the use of internet privacy tools.
More often than not, authoritarian regimes allow VPN service providers to operate only if they are willing to cooperate.
Sometimes, anti-VPN governments require vendors to modify their protocols perhaps to give the authorities access to traffic data. On other occasions, leaders banish service providers that don’t comply with their censorship rules.
Are Free VPN Safe?
Now here’s the million-dollar question: are free VPN safe?
First things first.
You can still find free secure VPN services out there.
In general, you can trust freemium VPN service providers. You can clearly understand how they generate revenue.
A safe way to test-drive a vendor at no cost is a free trial.
Sure, it may be financially risky if your credit card information is needed upfront. But it gives you the chance to try the full version. You can cancel early if you don’t like it.
So, is VPN safe if there’s an option to upgrade to a premium plan? There’s a great chance that it is, but still, be careful.
Even secure VPN services can’t ensure 100% safety.
What Makes a VPN Safe?
How can you tell whether an option is safe? Below are the things to look for in a secure VPN.
Headquarters Outside Jurisdiction of Fourteen Eyes Alliance
The Fourteen Eyes Alliance is a group of Western countries that have been known to spy on their citizens and share intelligence with one another. Members include the US, Germany, Italy, Canada, the UK, France, etc.
Four other countries have been exposed or suspected to collaborate with Fourteen Eyes Alliance members:
- South Korea
It would be wise to avoid an encrypted VPN service provider based on any of these places. These countries could use the law to get access to the VPN databases under their jurisdiction and get your data.
Strict Zero-Log Policy
Any VPN vendor that doesn’t store its users’ personally identifiable information is a good option. It doesn’t matter whether its system gets hacked or a government subpoenas its records. Third parties can’t learn about what you do on the internet if your VPN service provider saves none of your data on its servers.
IP and DNS Leakage Prevention
Always do leakage tests. Doesn’t matter what the vendor claims, don’t trust it unless you’ve seen it for yourself. This way, you can determine if it’s worth using over the long term.
Unlike closed-source tunneling protocols, such as proprietary ones, open-source options are much safer – security experts can freely audit them. They’re not without VPN security risks, but their decentralized nature makes them more reliable.
In terms of VPN security, WireGuard, OpenVPN, and Internet Key Exchange v2 (IKEv2) are the best open-source tunneling protocols out there.
Advanced Security Features
VPNs with malware detection, ad blocking, and/or email breach monitoring capabilities may not be antivirus through and through. But they deliver an extra defense against unwanted programs.
Safest VPNs Worth Considering
Truth be told, not all VPNs that we’ve reviewed are flawlessly secure. Some have had scandals, have been accused of bandwidth theft, or have failed to prevent DNS leaks.
Nevertheless, we were delighted to discover that many of the most trusted VPN services were actually safe. When it comes to cybersecurity, the following should be in the conversation.
CyberGhost’s HQ is in Romania, away from the Fourteen Eyes Alliance. Most of its software development team is based in Germany, though. Its global network of servers (which supports 256-bit AES encryption) covers 91 countries.
You will have to pay $2.75 a month, but you get a 45-day money-back guarantee. This secure VPN offers an automatic kill switch. It also supports OpenVPN, IKEv2, and WireGuard tunneling protocols.
It asks for personal data, which you can submit voluntarily. But CyberGhost’s strict zero-log policy ensures that no third party can see your activity.
NordVPN conducts its day-to-day operations in Central America to benefit from the internet freedom in Panama.
Its 5,415 VPN servers are scattered across 59 countries. NordVPN used to have a wider presence, but it closed up shop in Russia in March 2019. It refused to participate in the country’s state-sponsored VPN registry. Such a move spoke volumes of NordVPN’s stance against censorship.
As cheap as $3.49 with a 30-day money-back guarantee, this VPN vendor has a kill switch, double VPN, and obfuscated servers. In addition, it has native Onion over VPN, ad-blocking, and malware-busting solutions.
This secure VPN app supports reliable protocols and strong cryptographic algorithms. But it takes pride in NordLynx, its own version of WireGuard.
Although proprietary, NordLynx reportedly allows the assignment of dynamic local IP addresses when the session is active. It handles user authentication through the use of a secure external database.
While NordVPN admittedly takes notes of access logs, it never collects any information related to online activity. So, the government may legally compel the company to reveal details about your device. The authorities won’t have the means to link you to connection timestamps and specific IP addresses, however.
So, is VPN safe?
Sure, if you choose wisely.
To get a truly safe VPN, you have to research carefully. Find where the HQ is based, read the fine print, and do your leakage tests.
VPNs protect you from data leakage when using the internet. Sadly, many VPNs don’t have a stellar reputation for security.
In some countries, they are completely banned. Most, however, don’t have specific regulations.
Not all VPNs are safe. Many vendors are actually actively violating the privacy of their users.
The most trustworthy ones aren’t free, support open-source tunneling protocols, and are outside the jurisdiction of snooping governments.
Some providers monitor the online activity of their users so that advertisers can profile them.
Are VPNs safe and how to find the best ones are just a few of the questions we’ve answered in the article above.