Deciding to use a VPN is a relatively simple decision. But choosing which VPN provider to sign up with is much more tricky. All most people know is they want something that will ensure their security and privacy when online.
If only it were that simple. Online security and privacy is not black and white and a quick search of VPN providers will reveal a huge variety of different features and claims. These can be confusing for some customers, especially those that are not particularly computer literate.
So, exactly which security features should you be looking for in your VPN provider? In this article, we are going to highlight eight security features which we believe most VPN users will benefit from, as well as suggest some of the VPN providers which offer them.
1) No-logs
Privacy is of paramount concern to most VPN users and this means that the most important security consideration you should be on the lookout for is a no user logs policy. This means that your VPN provider keeps no records of what you are doing online.
But beware. Almost all of the main VPN providers claim to offer a no logs policy, but these policies are often not as clear-cut as they may seem. Different providers interpret the term ‘no logs’ in different ways.
For example, some providers may not keep records of the websites you are visiting or the apps you are using, but they may record data such as the times that you connect and disconnect from their service, the IP Address and server you are using, and your original IP Address. This is known as metadata.
Such providers may claim to still keep no user logs, but the reality is that it is fairly easy to law enforcement agencies and others to use this data to link you to your online activity. Several people have faced legal action on the basis of such evidence already.
Other VPNs, especially so-called free ones, have a habit of claiming a no user logs policy, but actually collecting information anyone. Sometimes they will claim that this information is anonymous, but often it is just packaged in the easiest way to sell it to third parties.
The best way to be sure about VPNs no logs policy is to do your research and read our reviews before signing up. We have delved into the small print of their privacy policies to find out the truth about exactly what data they hold and whether their no logs claims are really all they seem.
2) Kill Switch
VPNs are pretty reliable these days, but even the best can lose their connection from time to time. This is especially true if you are connecting to a server on the other side of the world.
But if you are relying on your VPN to make your connection secure and private, this can be a problem. For example, if you are using a VPN to circumvent online censorship in Communist China, there could be very severe consequences if your VPNs drops out and authorities can see what you are doing online.
This is why a kill switch is so essential. It is an extremely simple feature which quite simply cuts your internet connection completely if your VPN connection is lost.
This means that any apps or websites you are using will immediately and automatically go offline and so prevent anyone from being able to see what you are doing.
A Kill Switch is built into most main VPN providers, such as ExpressVPN and NordVPN, as standard these days. But it is always worth checking the settings to ensure that your kill switch is enabled before going online.
3) Jurisdiction
It is not just authoritarian regimes like the one in Communist China which is clamping down on online freedoms. Even democratic countries like the UK, USA, and Australia have passed laws which serious undermine online freedoms.
This is a problem for VPN providers because they are required to comply with the laws of the countries where they are based. In Australia for example, all VPN companies are now treated like telecoms companies and required to retain user data for a year.
This is why it is important to check out the jurisdiction in which your VPN provider is headquartered to understand how they are using your data.
Most free VPNs are based in China, which is very bad for online privacy. Other, like IPVanish are based in the USA, which has some requirements, but not retention of user data at the moment.
If you really want to be sure your VPN provider is not having to comply with laws that undermine your online privacy, the best bet is to choose a VPN that is based offshore.
This is increasingly common these days, with ExpressVPN being based in the British Virgin Islands and NordVPN headquartered in Panama. Countries like this have no such privacy-busting laws, so your privacy is assured.
4) Custom DNS
DNS is an acronym standing for Domain Name System. It is essentially the phonebook of the internet. It helps to translate the domain names that we use to access websites into the IP Addresses used by browsers.
You may come across the term when you are searching through security features as many VPNs offer DNS leak protection. A DNS leak is a security flaw that allows DNS requests to be revealed to ISP DNS servers and so can reveal information about your real IP Address, which VPNs will ordinarily hide.
DNS leak protection is a good feature to have, but even better is the option for Custom DNS. This means that any DNS look ups are routed through the VPN rather than your ISP.
An increasing number of VPN providers, such a Private Internet Access, offer custom DNS servers and if you want to be sure your IP Address is secure, they are a very worthwhile feature.
5) Encryption Levels
All VPNs will offer some form of encryption, but as the technology develops, so too does hackers ability to get around it.
This is why it is vital that your VPN offers the strongest level of encryption possible in order to protect your data.
Most VPNs will claim to offer market-leading encryption or even military-grade encryption. But it is important to look beneath these hollow phrases to see the figures.
The minimum that you should be looking for these days from a premium VPN is 256-bit encryption with at least 2048 bit authentication. If your VPN offers anything lower than this, you might still be safe, but there is also a chance that you aren’t.
But don’t worry. Most of the top VPNs such as ExpressVPN and IPVanish do meet these levels, meaning you can trust them to keep you safe.
6) Public Audit or proven no-log policy.
Any VPN provider can make claims about the services they offer on their website and social media. But, how do you know if you can trust what they say? There have been a few cases involving the likes of PureVPN and EarthVPN, which suggests perhaps you shouldn’t.
Until recently, you would have had to rely on word of mouth or reviews such as the ones we undertake here on VPNCompare.co.uk. But there is now an ever more cast-iron way of knowing just how good a VPN provider is.
A number of VPNs have started commissioning independent audits of their service to prove the quality of their online security and privacy offerings.
Tunnelbear was the first to do this last year. Since then, other prominent providers such as VyprVPN have followed suit. Even big names like NordVPN have completed independent audits too.
Our reviews are dependable and trustworthy, but we can only test the service as a user. An independent audit can delve into the coding and processes used by a VPN. And if they say a provider offers good security and privacy protection, you can be 100% sure it’s the truth.
7) Shared IP Addresses
As we said above, an IP Address is what most websites and online services use to identify their individual users. Using a VPN will change your IP Address, but in most cases, you will still be assigned an individual IP to use.
But if that information is retained by your VPN provider, it could still be used to link you to your online activity. For privacy-conscious users, this is a big concern, which is why a growing number of VPNs are beginning to employ shared IP Addresses.
A shared IP Address is one which is used by multiple VPN users rather than just one. By using a shared IP Address, it becomes impossible to link your internet activity directly back to you because any of the users connected to that IP Address could be visiting that site.
IPVanish is just one example a provider moving towards shared IP Addresses. They have more than 40,000 shared IP Addresses available to all their users.
There can be some drawbacks to shared IP Addresses. For example, if you are sharing with someone doing something dodgy online, you could find logging into to certain sites you need you to jump through one or two extra hoops.
But the chances of this happening is pretty remote and, if privacy is a priority and you want to obfuscate your identity online, shared IP Addresses are a great feature.
8) Warrant Canary
A Warranty Canary is not yellow and it doesn’t go ‘tweet-tweet’. Instead it is a really useful feature that lets users know if their data has been subject to a government subpoena.
Usually subpoenas would be confidential and VPNs and other communications companies would be prohibited from telling their users about it.
But a Warranty Canary is a clever way around this restriction. What a VPN provider will do is send out a notice informing users that there has not been a government subpoena of their data as of a particular date.
If this canary is then not updated or if the warning is removed, users are to assume that there has now been a subpoena issued.
Warranty Canaries are particularly useful in the USA, where legislation such as the Patriot Act and the existence of National Security Letters enables government to demand all sorts of private information in secret.
But users of VPNs like NordVPN can be reassured that if they are subject to such a data-grab, there is a mechanism in place to let them know.
In Summary
In this article, we have identified eight different security features that you should look out for. Not every user will benefit from every one, which is handy because there isn’t one single VPN which offers them all.
But depending on your reasons for using a VPN, a number of these features are likely to be beneficial to you. Some, like a no user logs policy and a kill switch should, in our view, be mandatory.
Others are less essential for all users, but really useful for some. Hopefully, this article has given you a better idea of what features are best for you.
What else do you consider essential when choosing a VPN service? I would love to hear your thoughts so why not drop a comment in the comments section below?
