VPN service

{{Short description|Commercial service for proxied Internet access}}

{{For|the more general concept|virtual private network}}

{{Dynamic list|multiple=yes}}

{{Use dmy dates|date=February 2025}}

A virtual private network (VPN) service is a proxy server marketed to help users bypass Internet censorship such as geo-blocking and users who want to protect their communications against data profiling or MitM attacks on hostile networks.

A wide variety of entities provide VPN services for several purposes. But depending on the provider and the application, they do not always create a true private network. Instead, many providers simply provide an Internet proxy that uses VPN technologies such as OpenVPN or WireGuard. Commercial VPN services are often used by those wishing to disguise or obfuscate their physical location or IP address, typically as a means to evade Internet censorship or geo-blocking.

Providers often market VPN services as privacy-enhancing, citing security features, such as encryption, from the underlying VPN technology. However, users must consider that when the transmitted content is not encrypted before entering the proxy, that content is visible at the receiving endpoint (usually the VPN service provider's site) regardless of whether the VPN tunnel itself is encrypted for the inter-node transport. The only secure VPN is where the participants have oversight at both ends of the entire data path or when the content is encrypted before it enters the tunnel.

On the client side, configurations intended to use VPN services as proxies are not conventional VPN configurations. However, they do typically utilize the operating system's VPN interfaces to capture the user's data to send to the proxy. This includes virtual network adapters on computer OSes and specialized "VPN" interfaces on mobile operating systems. A less common alternative is to provide a SOCKS proxy interface.

In computer magazines, VPN services are typically judged on connection speeds, privacy protection including privacy at signup and grade of encryption, server count and locations, interface usability, and cost.{{cite web |last=Paul |first=Ian |url=https://www.pcworld.com/article/3198369/privacy/best-vpn-services-apps-reviews-buying-advice.html#toc-7 |publisher=PC World |title=Best VPN services of 2018: Reviews and buying advice |at=How we tested |date=2018-01-02 |archive-date=2018-01-04 |archive-url=https://web.archive.org/web/20180104160416/https://www.pcworld.com/article/3198369/privacy/best-vpn-services-apps-reviews-buying-advice.html#toc-7 |url-status=dead}}{{cite web |last=Eddy |first=Max |url=http://uk.pcmag.com/software/138/guide/the-best-vpn-services-of-2018 |publisher=PC Magazine |title=The Best VPN Services of 2018 |date=2018-01-15 |archive-date=2018-01-18 |archive-url=https://web.archive.org/web/20180118002225/http://uk.pcmag.com/software/138/guide/the-best-vpn-services-of-2018 |url-status=dead |quote=It's important to keep a few things in mind when evaluating which VPN service is right for you: reputation, performance, type of encryption used, transparency, ease of use, support, and extra features. }}{{cite web |last=Athow |first=Desire |url=http://www.techradar.com/vpn/best-vpn#how-to-test-a-vpn |publisher=TechRadar |title=The best VPN services for 2018 |at=How to test a VPN |date=2018-01-13 |archive-date=2018-01-17 |archive-url=https://web.archive.org/web/20180117232459/http://www.techradar.com/vpn/best-vpn#how-to-test-a-vpn |quote=We were looking for features, value, and clear and honest pricing. Free ways to learn more about a service - free plans, trial periods, refund periods - were important, and we also looked for companies which maintained your privacy when you signed up (no email address required, trials available without credit cards, Bitcoin available as a payment option). |url-status=dead}}{{cite web |last=Athow |first=Desire |url=http://www.techradar.com/vpn/best-vpn#how-to-choose-a-vpn-here-are-6-tips |publisher=TechRadar |title=The best VPN services for 2018 |at=How to choose a VPN: Here are 6 tips |date=2018-01-13 |archive-date=2018-01-17 |archive-url=https://web.archive.org/web/20180117232459/http://www.techradar.com/vpn/best-vpn#how-to-choose-a-vpn-here-are-6-tips |url-status=dead}}

In order to determine the degree of privacy and anonymity, various computer magazines, such as PC World and PC Magazine, also take the provider's own guarantees and its reputation among news items into consideration. Recommendation websites for VPNs tend to be affiliated with or even owned by VPN service providers.{{Cite journal |title=Investigating the VPN Recommendation Ecosystem |url=https://www.ieee-security.org/TC/SPW2022/ConPro/papers/ramesh-conpro22.pdf |journal=IEEE Security}}

In 2024, 1.6 billion people will use VPNs. By 2027, this market is projected to grow to $76 billion.{{Cite web |last=Hooson |first=Mark |date=2025-03-03 |title=VPN Statistics |url=https://www.forbes.com/uk/advisor/business/vpn-statistics/ |access-date=2025-03-19 |website=Forbes UK |language=en-GB}}

VPN use cases

  • Accessing geo-restricted content. VPNs allow users to bypass regional restrictions by hiding their IP address from the destination server and simulating a connection from another country. For example, users in regions with limited streaming libraries can use VPNs to access content available in other locations, such as accessing Netflix US from abroad.{{Cite journal |last=Smith |date=2023 |title=Unlocking Streaming Libraries: How VPNs Bypass Geo-Restrictions |url=https://techprivacyjournal.org/vpn-geo-restrictions |journal=TechPrivacy Journal}}{{Cite web |title=What Is Geo-Blocking and How to Bypass It in 2024? |url=https://www.01net.com/en/vpn/geo-blocking/#:~:text=You%20can%20bypass%20geo-blocks,through%20a%20free%20web%20proxy |access-date=2024-11-20 |website=01net |language=en-US}}
  • Protecting data on public Wi-Fi. Public Wi-Fi networks, such as those in cafes or airports, often do not provide isolated encryption for each connected device. In those cases, VPN services can provide a certain level of protection. When in use, potential eavesdroppers on the network can only observe that a connection to the VPN server is made by a user's device.{{Cite journal |last=Karaymeh |first=Ashraf |last2=Ababneh |first2=Mohammad |last3=Qasaimeh |first3=Malik |last4=Al-Fayoumi |first4=Mustafa |date=2019-10 |title=Enhancing Data Protection Provided by VPN Connections over Open WiFi Networks |url=https://ieeexplore.ieee.org/document/8923104/ |journal=2019 2nd International Conference on new Trends in Computing Sciences (ICTCS) |pages=1–6 |doi=10.1109/ICTCS.2019.8923104}} As of June 2025, however, approximately 98% of human-generated internet traffic was encrypted using TLS through the HTTPS protocol, as estimated by Cloudflare.{{Cite web |title=HTTP requests by HTTP/HTTPS time series: Distribution of HTTP requests by HTTP protocol (HTTP vs. HTTPS) over time |url=https://radar.cloudflare.com/explorer?dataSet=http&groupBy=http_protocol&filters=botClass%253DLikely_Human&timeCompare=2025-06-01 |url-status=live |access-date=June 9, 2025 |website=Cloudflare Radar}} When TLS is used, network eavesdropping can only point out the IP addresses or hostnames a user is connecting to. Interception of network requests by a bad actor in the form of a Man-in-the-middle attack will most likely result in a certificate warning in being displayed in the user's browser, as described in IETF RFC 5280.{{Cite report |url=https://datatracker.ietf.org/doc/rfc5280/ |title=Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile |last=Boeyen |first=Sharon |last2=Santesson |first2=Stefan |last3=Polk |first3=Tim |last4=Housley |first4=Russ |last5=Farrell |first5=Stephen |last6=Cooper |first6=David |date=2008-05 |publisher=Internet Engineering Task Force |issue=RFC 5280}} SSL stripping (the practice of downgrading a connection to unencrypted HTTP{{Cite news |last=Greenberg |first=Andy |date=2009-02-18 |title=Breaking Your Browser's 'Padlock' |url=http://www.forbes.com/2009/02/18/black-hat-hackers-technology-security_0218_blackhat.html |archive-url=https://web.archive.org/web/20140227132201/http://www.forbes.com/2009/02/18/black-hat-hackers-technology-security_0218_blackhat.html |archive-date=2014-02-27 |access-date=2025-06-09 |work=Forbes |language=en}}{{Cite news |title=SSLStrip Hacking Tool Released -- Dark Reading |url=http://www.darkreading.com/security/news/214502801 |archive-url=https://web.archive.org/web/20131002162345/http://www.darkreading.com/security/news/214502801 |archive-date=2013-10-02 |access-date=2025-06-09 |work=Dark Reading |language=en}}{{Cite journal |last=Shahid |first=Muhammad Azhar |last2=Akram |first2=Urooj |last3=Shahid |first3=Muhammad Mazhar Ali |last4=Samad |first4=Ali |last5=Mushtaq |first5=Muhammad Faheem |last6=Majeed |first6=Rizwan |date=2020-11 |title=A Systematic Approach Towards Compromising Remote Site HTTPS Traffic Using Open Source Tools |url=https://ieeexplore.ieee.org/document/9318180/ |journal=2020 IEEE 23rd International Multitopic Conference (INMIC) |pages=1–6 |doi=10.1109/INMIC50486.2020.9318180}}), however, doesn't always result in a browser warning,{{Cite journal |last=Hossain |first=Md. Shohrab |last2=Paul |first2=Arnob |last3=Islam |first3=Md. Hasanul |last4=Atiquzzaman |first4=Mohammed |date=2018-04-01 |title=Survey of the Protection Mechanisms to the SSL-based Session Hijacking Attacks |url=http://www.macrothink.org/journal/index.php/npa/article/view/12478 |journal=Network Protocols and Algorithms |volume=10 |issue=1 |pages=83 |doi=10.5296/npa.v10i1.12478 |issn=1943-3581}} although this has been partly mitigated by the implementation of HTTP Strict Transport Security.{{Cite web |last=Ali |first=Junade |date=2017-10-20 |title=Performing & Preventing SSL Stripping: A Plain-English Primer |url=https://blog.cloudflare.com/performing-preventing-ssl-stripping-a-plain-english-primer/ |url-status=live |access-date=2025-06-09 |website=The Cloudflare Blog}}{{Cite book |last=Bramwell |first=Phil |title=Hands-on penetration testing on Windows: unleash Kali Linux, PowerShell, and Windows debugging tools for security testing and analysis |date=2018 |publisher=Packt Publishing |isbn=978-1-78829-509-3 |location=Unleash Kali Linux, PowerShell, and Windows debugging tools for security testing and analysis}} Hence, this use case of VPN services is subject of discussion.
  • Ensuring privacy for activists and journalists. Activists and journalists working in restrictive or authoritarian regions often use VPNs to maintain anonymity and protect sensitive communications. VPNs mask IP addresses and encrypt data, ensuring safe access to information and secure communication channels.{{Cite web |author1=Chiara Castro |date=2024-01-26 |title=Data privacy: top VPN helps journalists and activists to stay safe online |url=https://www.techradar.com/pro/vpn/data-privacy-top-vpn-helps-journalists-and-activists-to-stay-safe-online |access-date=2024-11-20 |website=TechRadar |language=en}}

Criticism and limitations

Users are commonly exposed to misinformation on the VPN services market, which makes it difficult for them to discern fact from false claims in advertisements.{{Cite journal|last1=Perta|first1=Vasile C.|last2=Barbera|first2=Marco V.|last3=Tyson|first3=Gareth|last4=Haddadi|first4=Hamed|last5=Mei|first5=Alessandro|date=2015-04-01|title=A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN clients|url=http://dx.doi.org/10.1515/popets-2015-0006|journal=Proceedings on Privacy Enhancing Technologies|volume=2015|issue=1|pages=77–91|doi=10.1515/popets-2015-0006|issn=2299-0984|hdl=10044/1/56834|s2cid=3468680|hdl-access=free}} According to Consumer Reports, VPN service providers have poor privacy and security practices and also make hyperbolic claims.{{Cite web |last=Grauer |first=Yael |title=VPN Testing Reveals Poor Privacy and Security Practices, Hyperbolic Claims |url=https://www.consumerreports.org/vpn-services/vpn-testing-poor-privacy-security-hyperbolic-claims-a1103787639/ |access-date=2023-01-18 |website=Consumer Reports |date=30 September 2022 |language=en-US}} The New York Times has advised users to reconsider whether a VPN service is worth their money.{{Cite news|last=Chen|first=Brian X.|date=2021-10-06|title=It's Time to Stop Paying for a VPN|language=en-US|work=The New York Times|url=https://www.nytimes.com/2021/10/06/technology/personaltech/are-vpns-worth-it.html|access-date=2021-12-21|issn=0362-4331}} VPN services are not sufficient for protection against browser fingerprinting.{{Cite web|title=You Tossed Your Cookies But They're Still Tracking You; Here's How to Hide Your Browser Fingerprint|url=https://www.pcmag.com/how-to/you-tossed-your-cookies-but-theyre-still-tracking-you-heres-how-to-hide|access-date=2021-12-21|website=PCMAG|language=en}}

Common misconceptions

  • A VPN service does not make one's Internet use private. Users can still be tracked through tracking cookies and device fingerprinting, even if the user's IP address is hidden.
  • A VPN service can log the user's traffic, although this depends on the VPN provider.
  • A VPN service does not make the user immune to cyberattacks.{{cite web |last1=O'sullivan |first1=Fergus |title=VPN Myths Debunked: What VPNs Can and Cannot Do |url=https://www.howtogeek.com/753661/vpn-myths-debunked-what-vpns-can-and-cannot-do/ |website=How-To Geek |date=27 September 2021 |access-date=16 January 2022 |archive-date=13 November 2022 |archive-url=https://web.archive.org/web/20221113172155/https://www.howtogeek.com/753661/vpn-myths-debunked-what-vpns-can-and-cannot-do/ |url-status=live }}
  • A VPN service is not in itself a means for good Internet privacy. The burden of trust is simply transferred from the ISP to the VPN service provider.{{cite web | url=https://ssd.eff.org/en/module/understanding-and-circumventing-network-censorship | title=Understanding and Circumventing Network Censorship | date=25 April 2020 | access-date=15 October 2022 | archive-date=15 October 2022 | archive-url=https://web.archive.org/web/20221015202322/https://ssd.eff.org/en/module/understanding-and-circumventing-network-censorship | url-status=live }}{{cite web | url=https://cdt.org/insights/techsplanations-part-5-virtual-private-networks/ | title=Techsplanations: Part 5, Virtual Private Networks | date=16 October 2018 | access-date=15 October 2022 | archive-date=15 October 2022 | archive-url=https://web.archive.org/web/20221015202316/https://cdt.org/insights/techsplanations-part-5-virtual-private-networks/ | url-status=live }}
  • A VPN service is not a VPN. VPNs allow you to access a private network from a remote location as if you were in the same place. VPN services do not grant access to private networks.

Legality

{{see|VPN blocking}}

In March 2018, the use of unapproved VPN services was banned in China, as they can be used to circumvent the Great Firewall.{{Cite news |title=Businesses, consumers uncertain ahead of China VPN ban |language=en-US |work=Reuters |url=https://www.reuters.com/article/us-china-vpns/businesses-consumers-uncertain-ahead-of-china-vpn-ban-idUSKBN1H612F |access-date=2018-04-03}} Operators received prison sentences and were penalized with fines.{{Cite web|date=2017-12-21|title=Man jailed for 5½ years, fined US$76,000 for selling VPN in China|url=https://www.scmp.com/news/china/policies-politics/article/2125326/man-jailed-51/2-years-fined-us76000-selling-vpn|access-date=2020-08-10|website=South China Morning Post|language=en}}{{Cite web|last=Cimpanu|first=Catalin|title=Chinese man arrested after making $1.6 million from selling VPN services|url=https://www.zdnet.com/article/chinese-man-arrested-after-making-1-6-million-from-selling-vpn-services/|access-date=2020-08-10|website=ZDNet|language=en}}{{Cite web|date=2020-07-30|title=Using a VPN to watch porn gets a man punished in China|url=https://www.scmp.com/abacus/tech/article/3095201/man-punished-using-vpn-scale-chinas-great-firewall-and-watch-porn|access-date=2020-08-10|website=South China Morning Post|language=en}}{{Cite news|date=2019-01-11|title="翻墙"网民受罚 中国进一步强化网络管控|language=zh-Hans|trans-title=Internet User Fined for Scaling Great Firewall - China strengthens Internet Control|work=BBC News 中文|url=https://www.bbc.com/zhongwen/simp/chinese-news-46823319|access-date=2020-08-10}} Russia banned various VPN service providers in 2021.{{Cite news |date=2022-03-14 |title=Russians' demand for VPNs skyrockets after Meta block |language=en |work=Reuters |url=https://www.reuters.com/technology/russians-demand-vpns-skyrockets-after-meta-block-2022-03-14/ |access-date=2022-04-07}}

Comparison of commercial virtual private network services<span class="anchor" id="comparison"></span>

= Privacy =

PC Magazine recommends that users consider choosing a provider based in a country with no data retention laws because that makes it easier for the service to keep a promise of no logging.{{cite web |last=Eddy |first=Max |url=http://uk.pcmag.com/software/138/guide/the-best-vpn-services-of-2018 |publisher=PC Magazine |title=The Best VPN Services of 2018 |at=Can You Trust Your VPN Service? |date=2018-01-15 |archive-date=2018-01-18 |archive-url=https://web.archive.org/web/20180118002225/http://uk.pcmag.com/software/138/guide/the-best-vpn-services-of-2018 |url-status=dead}} PC Magazine and TechRadar also suggest that users read the provider's logging policy before signing up for the service, because some providers collect information about their customers' VPN usage.{{cite web |last=Krebs |first=Brian |authorlink=Brian Krebs |url=https://krebsonsecurity.com/2017/03/post-fcc-privacy-rules-should-you-vpn/ |title=Post-FCC Privacy Rules, Should You VPN? |work=Krebs on Security |date=2017-03-17 |archivedate=2018-01-18 |archiveurl=https://web.archive.org/web/20180118024429/https://krebsonsecurity.com/2017/03/post-fcc-privacy-rules-should-you-vpn/ }} PC World recommends that users avoid free services as a rule of thumb and said free services either sell their users' browsing data in aggregated form to researchers and marketers, or only offer a minimal amount of data transfer per month.{{cite web |last=Paul |first=Ian |url=https://www.pcworld.com/article/3198369/privacy/best-vpn-services-apps-reviews-buying-advice.html#toc-6 |publisher=PC World |title=Best VPN services of 2018: Reviews and buying advice |work=What to look for in a VPN |date=2018-01-02 |archivedate=2018-01-04 |archiveurl=https://web.archive.org/web/20180104160416/https://www.pcworld.com/article/3198369/privacy/best-vpn-services-apps-reviews-buying-advice.html#toc-6 }}

= Technical features =

class="wikitable sortable mw-collapsible" style="text-align: center; font-size: 80%; width: auto; table-layout: fixed;"

|+

! rowspan="2" | Service

! colspan="3" | Leak Protection

! colspan="2" | Protocols

! colspan="7" | Obfuscation / Censorship Avoidance

! colspan="2" | Network Neutrality

! colspan="2" | Server

First-party DNS servers

! IPv6 supported / blocked

! Offers kill switch

! Offers OpenVPN

! Offers WireGuard

! Supports multihop

! Supports TCP port 443

! Supports Obfsproxy

! Offers SOCKS

! Linux support

! Supports SSL tunnel

! Supports SSH tunnel

! Blocks SMTP (authent.)

! Blocks P2P

! Dedicated or virtual

! Diskless

Atlas VPN

|{{Yes}}

|{{Yes}}

|{{Yes}}

|{{No}}

|{{Yes}}

|{{Yes}}

|{{No}}

|{{No}}

|{{No}}

|{{Yes}}

|

|

|{{Some|Some}}

|{{yes|No}}

|{{yes|Dedicated}}

|{{No}}

Avast SecureLine

| {{yes}}

| {{yes}}

| {{yes}}

| {{yes}}

| {{no}}

| {{no}}

| {{no}}

|

|

| {{No}}

|

|

|

| {{some}}{{cite web |url=https://www.avast.com/secureline-vpn#pc |title=Avast SecureLine / A VPN to protect your online activities |work=It’s your Internet. Take it back - Connect with your peers. No tricks |url-status=live |archiveurl=https://web.archive.org/web/20171229094517/https://www.avast.com/secureline-vpn#pc |archivedate=2017-12-29 |quote=We support peer-2-peer (P2P) networking in some of our server locations. }}

| {{yes|Dedicated}}{{cite web |url=https://www.avast.com/secureline-vpn#pc |title=Avast SecureLine / A VPN to protect your online activities |work=Where speed meets capacity - Rows upon rows of dedication |url-status=live |archiveurl=https://web.archive.org/web/20171229094517/https://www.avast.com/secureline-vpn#pc |archivedate=2017-12-29 |quote=All of our VPN gateways run on dedicated hardware servers. }}

| {{no}}

ExpressVPN

| {{yes}}{{cite news |last=Eddy |first=Max |url=http://uk.pcmag.com/expressvpn/83190/review/expressvpn |title=ExpressVPN |work=PC Magazine |date=2017-05-12 |url-status=live |archiveurl=https://web.archive.org/web/20170514144901/http://uk.pcmag.com/expressvpn/83190/review/expressvpn |archivedate=2017-05-14 }}

| {{yes}}

| {{yes}}

| {{yes}}

| {{no}}

| {{no}}

|

|

|

| {{yes}}

| {{yes}}{{cite web |url=https://www.expressvpn.com/what-is-vpn/secure-vpn |title=Stay Safe and Keep Your Online Privacy With a Secure VPN |author=ExpressVPN |work=ExpressVPN Features |url-status=live |archiveurl=https://web.archive.org/web/20180104015732/https://www.expressvpn.com/what-is-vpn/secure-vpn |archivedate=2018-01-04 |quote=Our network is SSL-secured }}

|

|

| {{yes|No}}{{cite news |last=Williams |first=Mike |url=http://www.techradar.com/reviews/pc-mac/software/utilities/expressvpn-1325564/review |title=ExpressVPN review |work=TechRadar |date=2017-10-23 |url-status=live |archiveurl=https://web.archive.org/web/20180104005945/http://www.techradar.com/reviews/pc-mac/software/utilities/expressvpn-1325564/review |archivedate=2018-01-04 }}

| {{some|Both}}{{cite web |url=https://www.expressvpn.com/support/troubleshooting/virtual-server-locations/ |title=Virtual server locations |author=ExpressVPN |date=2017-12-04 |url-status=live |archiveurl=https://web.archive.org/web/20180104013616/https://www.expressvpn.com/support/troubleshooting/virtual-server-locations/ |archivedate=2018-01-04 }}

| {{yes}}

Hotspot Shield

| {{no}}

| {{no}}

| {{yes}}

| {{no}}

| {{no}}

| {{no}}

|

|

|

| {{no}}

|

|

|

|?

|

|

IPVanish

| {{yes}}{{cite web|title=DNS Leaks|url=https://support.ipvanish.com/hc/en-us/articles/115002079853-DNS-Leaks|website=IPVanish}}

| {{yes}}{{cite web|title=IPv6|url=https://support.ipvanish.com/hc/en-us/articles/115002074754-IPv6|website=IPVanish}}

| {{yes}}

| {{yes}}{{cite web|title=The Best VPN Service Provider with Fast, Secure VPN Access|url=https://www.ipvanish.com/|website=www.ipvanish.com|language=en}}

| {{yes}}{{cite web | url=https://www.ipvanish.com/wireguard-vpn/ | title=WireGuard® VPN Protocol - What is WireGuard? | IPVanish | date=12 October 2021 }}

| {{no}}

| {{yes}}{{cite web|title=Ports used for VPN Protocols|url=https://support.ipvanish.com/hc/en-us/articles/115002074594-Ports-used-for-VPN-Protocols|website=IPVanish}}

| {{yes}}{{cite web|title=Android VPN Software Setup - IPVanish|url=https://www.ipvanish.com/vpn-setup/android/|website=www.ipvanish.com|date=8 October 2021 |language=en}}

| {{yes}}

| {{yes}}{{cite web|title=VPN Software Setup - Choose Your Platform - IPVanish|url=https://www.ipvanish.com/vpn-setup/|website=www.ipvanish.com|date=6 October 2021 |language=en}}

| {{no}}

| {{no}}

| {{yes|No}}

| {{yes|No}}

| {{yes|Dedicated}}

| {{no}}

IVPN

| {{yes}}

| {{no}}{{cite web |url=https://www.ivpn.net/knowledgebase/109/Do-you-offer-IPv6.html |title=Do you offer IPv6? |author=IVPN |work=IVPN Help Center |author-link=IVPN |archive-url=https://web.archive.org/web/20190725132024/https://www.ivpn.net/knowledgebase/109/Do-you-offer-IPv6.html |archive-date=2019-07-25 |url-status=dead}}

| {{yes}}

| {{yes}}

| {{yes|Beta}}{{cite web |url=https://www.ivpn.net/blog/introducing-wireguard-fully-automated |title=Introducing WireGuard, fully automated. |author=IVPN |work=IVPN Blog |date=2018-12-11 |author-link=IVPN }}

| {{yes|Yes; OpenVPN}}

| {{yes}}

| {{yes}}

|

| {{yes}}{{cite web |url=https://www.ivpn.net/setup/gnu-linux-terminal.html |author=IVPN |title=VPN Setup guide for Linux using the terminal |url-status=live |archiveurl=https://web.archive.org/web/20180326223437/https://www.ivpn.net/setup/gnu-linux-terminal.html |archivedate=2018-03-26 |author-link=IVPN }}

|

| {{yes}}{{cite web |url=https://www.ivpn.net/knowledgebase/184/Does-IVPN-protect-SSH-connections.html |author=IVPN |title=Does IVPN protect SSH connections? |url-status=live |archiveurl=https://web.archive.org/web/20180326221837/https://www.ivpn.net/knowledgebase/184/Does-IVPN-protect-SSH-connections.html |archivedate=2018-03-26 |author-link=IVPN }}

| {{yes|No}}{{cite web |url=https://www.ivpn.net/knowledgebase/113/Do-you-allow-SMTP-email-whilst-connected-to-IVPN.html |author=IVPN |title=Do you allow SMTP (email) whilst connected to IVPN? |url-status=live |archiveurl=https://web.archive.org/web/20180326222125/https://www.ivpn.net/knowledgebase/113/Do-you-allow-SMTP-email-whilst-connected-to-IVPN.html |archivedate=2018-03-26 |author-link=IVPN }}

| {{yes|No}}{{cite web |url=https://www.ivpn.net/knowledgebase/78/Do-you-allow-P2P-or-BitTorrent-or-torrents-downloading.html |author=IVPN |title=Do you allow P2P / BitTorrent / torrents downloading? |url-status=live |archiveurl=https://web.archive.org/web/20180326222320/https://www.ivpn.net/knowledgebase/78/Do-you-allow-P2P-or-BitTorrent-or-torrents-downloading.html |archivedate=2018-03-26 |author-link=IVPN }}

| {{yes|Dedicated}}{{cite web |url=https://www.ivpn.net/knowledgebase/108/Answers-for-18-Questions-to-ask-your-VPN-Service-provider.html |title=Answers for "18 Questions to ask your VPN service provider" |author=IVPN |work=IVPN Help Center |author-link=IVPN }}

|

Mullvad

| {{yes}}{{cite web |url=https://www.mullvad.net/en/features/ |title=Features / Mullvad |work=Details |url-status=dead |archiveurl=https://web.archive.org/web/20171222160219/https://www.mullvad.net/en/features/ |archivedate=2017-12-22 |access-date=2017-12-26 }}

| {{yes}}

| {{yes}}

| {{yes}}

| {{yes}}{{cite web |url=https://mullvad.net/es/blog/2020/3/30/wireguard-no-longer-new-kid/ |title=WireGuard is no longer the new kid - Blog / Mullvad VPN |date=2020-03-30 |access-date=2020-03-30 }}

| {{yes|Yes; WireGuard}}{{cite web |url=https://www.mullvad.net/en/blog/2017/8/7/new-features-wireguard-users/ |title=New features for WireGuard users |url-status=live |archiveurl=https://web.archive.org/web/20180324045323/https://www.mullvad.net/en/blog/2017/8/7/new-features-wireguard-users/ |date=2017-08-07 |archivedate=2018-03-24 }} and SOCKS5

| {{yes}}

| {{no}}{{cite web |url=https://www.mullvad.net/en/blog/2017/10/24/client-version-65-released/ |title=Client version 65 released - Blog / Mullvad |author=Mullvad |work=Blog |date=2017-10-24 |url-status=live |archiveurl=https://web.archive.org/web/20180111043702/https://www.mullvad.net/en/blog/2017/10/24/client-version-65-released/ |archivedate=2018-01-11 |author-link=Mullvad }}

| {{yes}}{{cite web |url=https://mullvad.net/en/blog/2016/11/29/increased-security-socks5-proxy/ |title=Increased security with SOCKS5 proxy - Blog / Mullvad |url-status=live |archiveurl=https://web.archive.org/web/20171227150919/https://mullvad.net/en/blog/2016/11/29/increased-security-socks5-proxy/ |date=2016-11-29 |archivedate=2017-12-27 }}

| {{yes}}{{cite web |url=https://mullvad.net/en/guides/linux-openvpn-installation/ |title=Linux OpenVPN Installation - Guides / Mullvad |url-status=live |archiveurl=https://web.archive.org/web/20171226121448/https://mullvad.net/en/guides/linux-openvpn-installation/ |archivedate=2017-12-26}}

| {{yes}}

| {{yes}}

| {{yes|No}}

| {{yes|No}}

| {{yes|Dedicated}}{{cite web |url=https://www.mullvad.net/en/features/ |title=Features / Mullvad |work=Technical |url-status=dead |archiveurl=https://web.archive.org/web/20171222160219/https://www.mullvad.net/en/features/ |archivedate=2017-12-22 |access-date=2017-12-26 }}

|{{yes}}{{Cite web |title=We have successfully completed our migration to RAM-only VPN infrastructure |url=https://mullvad.net/en/blog/we-have-successfully-completed-our-migration-to-ram-only-vpn-infrastructure |access-date=2024-03-25 |website=Mullvad VPN |date=20 September 2023 |language=en}}

NordVPN

| {{yes}}{{cite web |url=https://nordvpn.com/features/dns-leak-test/ |title=Use DNS Leak Test & Quickly Identify DNS Requests Exposure! |author=NordVPN |authorlink=NordVPN |work=How can it affect you? |date=15 June 2017 }}

| {{no}}{{cite web |url=https://nordvpn.com/faq/ |title=Frequently Asked Questions (FAQ) |author=NordVPN |authorlink=NordVPN |work=Do you support IPv6? |url-status=live |archiveurl=https://archive.today/20170113030557/https://nordvpn.com/faq/ |archivedate=2017-01-13 |quote=No, but we are planning to add the support of IPv6 in 2018. }}

| {{yes}}

| {{yes}}{{cite web |url=https://nordvpn.com/faq/ |title=Frequently Asked Questions (FAQ) |author=NordVPN |authorlink=NordVPN |work=Technical information |url-status=live |archiveurl=https://archive.today/20170113030557/https://nordvpn.com/faq/ |archivedate=2017-01-13 }}

| {{yes|Yes; NordLynx based on WireGuard}}{{cite web|accessdate=November 15, 2019|title=The VPN Industry Is on the Cusp of a Major Breakthrough|first=Max|last=Eddy|url=https://www.pcmag.com/commentary/369921/the-vpn-industry-is-on-the-cusp-of-a-major-breakthrough|date=August 14, 2019|website=PCMag}}

| {{yes|Yes; OpenVPN}}{{cite web |url=https://nordvpn.com/features/double-vpn/ |title=Extra Security With Double VPN |author=NordVPN |authorlink=NordVPN |work=What is Double VPN & how does it work? |date=14 June 2017 }} and SOCKS5

| {{yes}}{{cite web |url=https://support.nordvpn.com/#/General-Info/Protocols/1047408082/What-is-OpenVPN.htm |title=What is OpenVPN? |author=NordVPN |authorlink=NordVPN |accessdate=March 14, 2018 |quote=For OpenVPN TCP connections - port 443.}}

|

| {{yes}}{{cite web |url=https://nordvpn.com/faq/ |title=Frequently Asked Questions (FAQ) |author=NordVPN |authorlink=NordVPN |work=Do you offer socks5 proxies? |url-status=live |archiveurl=https://archive.today/20170113030557/https://nordvpn.com/faq/ |archivedate=2017-01-13 |quote=Yes, we do support Socks5 proxies as well as HTTP proxies (1 HTTP and Socks5 proxy at each of our VPN server destinations). }}

| {{yes}}{{cite web |url=https://nordvpn.com/tutorials/linux/openvpn/ |title=How to setup OpenVPN on Linux |author=NordVPN |authorlink=NordVPN }}{{dead link|date=July 2024|bot=medic}}{{cbignore|bot=medic}}

|

|

| {{no|Yes}}

| {{yes|No}}{{cite web |url=https://nordvpn.com/features/great-p2p-opportunity/ |title=Best VPN for P2P |author=NordVPN |authorlink=NordVPN |work=Why is NordVPN the best VPN for P2P? |date=18 April 2018 }}

| {{yes|Dedicated}}

| {{yes}}

Private Internet Access

| {{yes}}{{cite web |url=https://www.privateinternetaccess.com/pages/client-support/ |title=Client Support Area / Private Internet Access VPN Service |work=DNS Leak Protection |url-status=live |archiveurl=https://archive.today/20171231150012/https://www.privateinternetaccess.com/pages/client-support/ |archivedate=2017-12-31 |quote=We use our own private DNS servers for your DNS queries while on the VPN. |access-date=2017-12-31 }}

| {{yes}}{{cite web |url=https://www.privateinternetaccess.com/pages/client-support/ |title=Client Support Area / Private Internet Access VPN Service |work=IPv6 Leak Protection |url-status=live |archiveurl=https://archive.today/20171231150012/https://www.privateinternetaccess.com/pages/client-support/ |archivedate=2017-12-31 |quote=IPv6 leak protection disables IPv6 traffic while on the VPN. This includes 6to4 and Teredo tunneled IPv6 traffic. }}

| {{yes}}

| {{yes}}{{cite web |url=https://www.privateinternetaccess.com/pages/how-it-works/# |title=How a VPN Tunnel Works / Private Internet Access VPN Service |url-status=live |archiveurl=https://archive.today/20171227092922/https://www.privateinternetaccess.com/pages/how-it-works/%23 |archivedate=2017-12-27 |quote=This is used in conjunction with the OpenVPN protocol [...] |access-date=2017-12-27 }}

| {{yes}}{{cite web |url=https://www.privateinternetaccess.com/blog/wireguard-on-pia-is-out-of-beta-and-available-to-use-on-windows-mac-linux-android-and-ios/ |title=WireGuard on PIA is out of beta and available to use on Windows, Mac, Linux, Android, and iOS |date=2020-04-10 |access-date=2023-02-04}}

| {{yes}}{{Cite web |title=Understanding the Multi-Hop Feature - Knowledgebase / Technical / Application Settings and Features / Application & Features - PIA Support Portal |url=https://helpdesk.privateinternetaccess.com/kb/articles/understanding-the-multi-hop-feature |access-date=2022-06-06 |website=helpdesk.privateinternetaccess.com}}

| {{yes}}{{cite web |url=https://helpdesk.privateinternetaccess.com/hc/en-us/articles/220934827-What-ports-are-used-by-your-VPN-service- |title=What ports are used by your VPN service? / Private Internet Access |url-status=dead |archive-url=https://archive.today/20170131093923/https://helpdesk.privateinternetaccess.com/hc/en-us/articles/220934827-What-ports-are-used-by-your-VPN-service- |date=2016-08-29 |archive-date=2017-01-31 |access-date=2017-12-26 }}

| {{no}}

| {{yes}}{{cite web |url=https://www.privateinternetaccess.com/pages/client-support/ |title=Client Support Area / Private Internet Access VPN Service |work=SOCKS5 Proxy Usage Guides |url-status=live |archiveurl=https://archive.today/20171231150012/https://www.privateinternetaccess.com/pages/client-support/ |archivedate=2017-12-31 |quote=Although quite different from a VPN, we provide a SOCKS5 Proxy with all accounts in the event users require this feature. }}

| {{Yes}}{{cite web|title=Stats on 89 Linux VPN Providers Across 16 Linux Distributions|url=https://vpn.com|accessdate=15 February 2018|language=English}}

|

|

| {{some}}{{efn|The support team may be willing to whitelist your email provider's SMTP server upon request.{{cite web |url=https://helpdesk.privateinternetaccess.com/hc/en-us/articles/219457007-Why-can-t-I-send-email-when-on-the-VPN- |title=Why can't I send email when on the VPN? / Private Internet Access |url-status=dead |archive-url=https://archive.today/20171227101314/https://helpdesk.privateinternetaccess.com/hc/en-us/articles/219457007-Why-can-t-I-send-email-when-on-the-VPN- |date=2017-10-31 |archive-date=2017-12-27 |quote=Any VPN provider that does not retain logs must block outgoing SMTP traffic due to rampant spam associated with usage of VPN services. With that said, we can whitelist (allow) any outgoing email server that a) require authentication, and b) is correctly setup so as not to be an open relay. |access-date=2017-12-27 }}|group=VPN_table01}}

| {{yes|No}}{{cite web |url=https://www.privateinternetaccess.com/pages/how-it-works/# |title=How a VPN Tunnel Works / Private Internet Access VPN Service |url-status=live |archiveurl=https://archive.today/20171227092922/https://www.privateinternetaccess.com/pages/how-it-works/%23 |archivedate=2017-12-27 |quote=In addition, any blocked software by your ISP including P2P and other various software applications will be unblocked and unrestricted on our systems. }}

| {{yes|Dedicated}}[https://www.privateinternetaccess.com/archive/forum/discussion/21619/telescope-private-internet-access-is-safe-from-the-tls-communications-vulnerability Private Internet Access™ is default secure from this vulnerability since we use real bare metal servers.]

| {{yes}}{{Cite web |title=PIA's NextGen Servers – How Colocated Servers Improve Our Infrastructure|url=https://www.privateinternetaccess.com/blog/pia-colocated-servers/|access-date=2024-05-05 |website=Private Internet Access|date=20 October 2022 }}

PrivadoVPN

| {{yes}}

| {{yes}}

| {{yes}}

| {{yes}}

| {{yes}}

|

|

|

| {{yes}}

| {{yes}}

|

|

|

| {{yes|No}}

|

|

ProtonVPN

| {{yes}}

| {{no}}

| {{yes}}

| {{yes}}

| {{yes}}{{cite web |url=https://protonvpn.com/support/how-to-change-vpn-protocols/ |title= How to change VPN protocols or select Smart Protocol |date=2021-08-31 }}

| {{yes}}

| {{yes}}

| {{no}}

| {{no}}

| {{yes}}{{cite web|url=https://protonvpn.com/download|title=Free Downloads|author=ProtonVPN}}

| {{yes}}

| {{yes}}

|

| {{some}}{{efn|Only on free plan.{{cite web |url=https://protonvpn.com/support/p2p-vpn-redirection|title=How does P2P VPN redirection work with Proton VPN?|access-date=2024-05-05|author=Proton VPN}}|group=VPN_table01}}

| {{yes|Dedicated}}

|

PureVPN

| {{yes}}

| {{yes}}

| {{yes}}

| {{yes}}{{cite web |url=https://www.purevpn.com/features |title=PureVPN Features - Get Premium Anonymity, Security, & Privacy All In One! |url-status=deviated |archive-url=https://web.archive.org/web/20201112000514/https://www.purevpn.com/features| archive-date=2020-11-12 |quote=10 Multi-Logins per Household}}

| {{no}}

| {{no}}

| {{some|Only through SSTP}}{{cite web |url=https://support.purevpn.com/on-what-ports-purevpn-work-and-should-i-allow-them-on-my-anti-virus-programfirewall |title=PureVPN Supported Ports |url-status=live |archiveurl=https://web.archive.org/web/20171227162743/https://support.purevpn.com/on-what-ports-purevpn-work-and-should-i-allow-them-on-my-anti-virus-programfirewall |date=2017-07-27 |archivedate=2017-12-27 }}

| {{no}}

| {{no}}

| {{Yes}}{{cite web |title=Setup PureVPN app on LinuA|url=https://support.purevpn.com/setup-purevpn-app-on-linux |accessdate=4 February 2023|language=English}}

|

|

| {{yes|No}}

| {{some}}{{cite web |url=https://support.purevpn.com/p2p-file-sharing |title=PureVPN P2P File Sharing - Break P2P barriers anonymously! |url-status=live |archiveurl=https://web.archive.org/web/20180103185035/https://support.purevpn.com/p2p-file-sharing |date=2014-07-08 |archivedate=2018-01-03 |quote=Furthermore, we have blocked P2P on some of our servers as per changing Global Web Policy. We don’t allow p2p/filesharing where it’s illegal by law named United Kingdom (UK), United States (US), Canada, Australia etc. }}

| {{some|Both}}{{cite web |url=https://support.purevpn.com/virtual-servers-and-when-you-should-use-them |title=PureVPN Servers |work= Virtual Servers and When you Should Use them? |date=2017-11-11 |url-status=live |archiveurl=https://web.archive.org/web/20180104011633/https://support.purevpn.com/virtual-servers-and-when-you-should-use-them |archivedate=2018-01-04 |quote=PureVPN has never denied using virtual servers. To make matters simpler, an update on our Server Location page will state which servers are virtual and which are physical. }}{{cite news |last=Paul |first=Ian |url=https://www.pcworld.com/article/3223384/privacy/expressvpn-vpn-review.html |title=ExpressVPN review: A good service with no public leadership |work=PCWorld |date=2017-09-20 |url-status=live |archiveurl=https://web.archive.org/web/20180104010156/https://www.pcworld.com/article/3223384/privacy/expressvpn-vpn-review.html |archivedate=2018-01-04 |quote=Similar to PureVPN, ExpressVPN says it uses virtual servers in certain locations due to infrastructure issues. }}

| {{no}}

Surfshark

|{{Yes}}

|{{No}}

|{{Yes}}

|{{Yes}}

|{{Yes}}

|{{Yes|Yes (WG, OVPN, IKEv2)}}

|{{Yes}}

|{{No}}

|{{No}}

|{{Yes}}

|

|

|{{Some}}

|{{yes|No}}

|{{Some|Both}}

|{{Yes}}

TunnelBear

| {{yes}}{{cite web |url=https://www.tunnelbear.com/blog/tunnelbear-dns-protecting-your-privacy-and-mauling-dns-leaks/ |title=TunnelBear DNS: Protecting Your Privacy and Mauling DNS Leaks |url-status=live |archiveurl=https://web.archive.org/web/20171228145059/https://www.tunnelbear.com/blog/tunnelbear-dns-protecting-your-privacy-and-mauling-dns-leaks/ |date=2017-06-22 |archivedate=2017-12-28 |quote=Every time you connect to TunnelBear, your DNS requests are directed to TunnelBear DNS servers, so your ISP can no longer see what websites you’re visiting. And because we don’t keep any records of your DNS, you’re the only one that knows your browsing history.}}

| {{yes}}

| {{yes}}

| {{yes}}{{cite news |last=Eddy |first=Max |url=http://uk.pcmag.com/tunnelbear-vpn/83271/review/tunnelbear-vpn |title=TunnelBear VPN |work=PC Magazine |date=2017-05-02 |url-status=live |archiveurl=https://web.archive.org/web/20180110165526/http://uk.pcmag.com/tunnelbear-vpn/83271/review/tunnelbear-vpn |archivedate=2018-01-10 }}

| {{no}}

| {{no}}

| {{no}}

| {{yes}}{{cite web |url=https://www.tunnelbear.com/blog/how-to-hide-your-vpn-from-dpi/ |title=GhostBear: How to Hide Your VPN From DPI |url-status=live |archiveurl=https://web.archive.org/web/20171228143716/https://www.tunnelbear.com/blog/how-to-hide-your-vpn-from-dpi/ |date=2017-07-18 |archivedate=2017-12-28 |quote=When you turn GhostBear on, it changes your VPN traffic signature to look like a different kind of traffic. To do this, GhostBear uses a technology called Obfsproxy.}}{{cite news |last=Williams |first=Mike |url=http://www.techradar.com/reviews/tunnelbear-vpn |title=TunnelBear VPN review |work=TechRadar |date=2017-05-23 |url-status=live |archiveurl=https://web.archive.org/web/20180110164917/http://www.techradar.com/reviews/tunnelbear-vpn |archivedate=2018-01-10 }}

| {{yes}}

| {{yes}}

|

|

| {{yes|No}}{{cite web |url=https://help.tunnelbear.com/customer/portal/articles/search?b_id=17004&q=smtp |title=TunnelBear / Search Results |url-status=dead |archiveurl=https://web.archive.org/web/20180103190929/https://help.tunnelbear.com/customer/portal/articles/search?b_id=17004&q=smtp |archivedate=2018-01-03 |quote=TunnelBear does not block SMTP on our network. |access-date=2018-01-03 }}

| {{some}}{{cite web |url=https://www.tunnelbear.com/features|title=TunnelBear|access-date=2024-05-05}}

|

|

Windscribe

| {{yes}}

| {{yes}}

| {{yes}}

| {{yes}}

| {{yes}}{{Cite web |title=What Protocols are available with Windscribe? {{!}} Windscribe |url=https://windscribe.com/knowledge-base/articles/what-protocols-are-available-with-windscribe/ |access-date=2023-07-09 |website=windscribe.com}}

|{{yes}}

| {{yes}}

|{{No}}

| {{no}}{{Cite web |title=SOCKS5 servers are phased out and are no longer offered by Windscribe. {{!}} Windscribe |url=https://windscribe.com/getconfig/socks |access-date=2023-07-09 |website=windscribe.com}}

| {{yes}}

(via Stealth protocol)

|{{No}}

|{{No Y}}

| {{yes|No}}

| {{yes|Dedicated}}{{efn|With the exception of one virtual server located in Antartica.{{Cite web |title=Does Windscribe use virtual servers/locations? {{!}} Windscribe |url=https://windscribe.com/knowledge-base/articles/does-windscribe-use-virtual-servers-locations/ |access-date=2024-05-05 |website=windscribe.com}}|group=VPN_table01}}

| {{yes}}{{Cite web |date=2023-12-19 |title=NodeOS: How We Stopped Worrying about Disks and Started Booting from RAM |url=https://blog.windscribe.com/nodeos-booting-from-ram/ |access-date=2024-05-05 |website=Windscribbles |language=en}}

|{{Yes}}

Notes

{{notelist|group=VPN_table02}}

= Encryption =

class="wikitable sortable" style="text-align: center; font-size: 80%; width: auto; table-layout: fixed;"

! rowspan="2" | Service

! colspan="2" | Data encryption

! colspan="2" | Handshake encryption

! colspan="2" | Data authentication

Default provided

! Strongest provided

! Weakest provided

! Strongest provided

! Weakest provided

! Strongest provided

Atlas VPN

|ChaCha20-Poly1305 / AES-256{{efn|ChaCha20-Poly1305 for all devices except for Windows, which does not support it and therefore uses AES-256}}

|ChaCha20-Poly1305

|2048-bit Diffie–Hellman

|ECP521

| colspan="2" |SHA-384

Avast SecureLine

| colspan="2" | AES-256

|

|

|

|

ExpressVPN

| colspan="2" |AES-256

|

| CA-4096

|

|

Hotspot Shield

| colspan="2" | AES-128{{cite web |title=Hotspot Shield Privacy Frequently Asked Questions / Hotspot Shield |url=https://www.hotspotshield.com/privacy-faq/ |url-status=live |access-date=2017-12-28 |work=How does Hotspot Shield secure my Internet connection? |quote=Turning Hotspot Shield on encrypts all of the traffic between your device and our servers using TLS 1.2 with perfect forward secrecy (ECDHE), 128-bit AES data encryption. |archiveurl=https://archive.today/20171228150759/https://www.hotspotshield.com/privacy-faq/ |archivedate=2017-12-28}}

| colspan="2" | TLS 1.2 ECDHE PFS

| colspan="2" | HMAC{{cite web |date=2017-11-29 |title=AnchorFree Hotspot Shield Privacy Policy |url=https://www.hotspotshield.com/privacy/ |url-status=live |work=Security |quote=We encrypt all of the traffic between your device and our servers using TLS 1.2 with perfect forward secrecy (ECDHE), 128-bit AES data encryption, and HMAC message authentication. |archiveurl=https://archive.today/20171228152839/https://www.hotspotshield.com/privacy/ |archivedate=2017-12-28}}

IPVanish

| colspan="2" |AES-256{{cite web |title=Online Data Encryption - IPVanish VPN |url=https://www.ipvanish.com/vpn-encryption/ |website=www.ipvanish.com |date=13 October 2021 |language=en}}

| colspan="2" |RSA-2048

| colspan="2" |SHA-256

IVPN

| colspan="2" | AES-256{{cite web |author=IVPN |author-link=IVPN |title=Why IVPN |url=https://www.ivpn.net/why-ivpn |url-status=live |archiveurl=https://web.archive.org/web/20180326223025/https://www.ivpn.net/why-ivpn |archivedate=2018-03-26 |work=IVPN offers you more than any other VPN}}

|

| RSA-4096

|

|

Mullvad

| AES-256 (GCM)

| AES-256

| colspan="2" | RSA-4096

| colspan="2" | SHA-512

NordVPN

| AES-256{{cite web |author=NordVPN |date=2 March 2020 |title=Military-Grade VPN Encryption |url=https://nordvpn.com/features/military-grade-encryption/ |work=How secure and reliable is NordVPN? |authorlink=NordVPN}}

| AES-256 (CBC)

| colspan="2" | 2048-bit Diffie-Hellman

|

|

Private Internet Access

| AES-128 (CBC){{cite web |title=Private Internet Access / VPN Encryption |url=https://www.privateinternetaccess.com/pages/vpn-encryption |url-status=live |access-date=2017-12-27 |archiveurl=https://archive.today/20171227094141/https://www.privateinternetaccess.com/pages/vpn-encryption |archivedate=2017-12-27}}

| AES-256

| ECC-256k1

| RSA-4096

| SHA-1

| SHA-256

PrivadoVPN

| colspan="2" |AES-256

|

|

|

|

ProtonVPN

| colspan="2" | AES-256

| colspan="2" | RSA-4096

| colspan="2" | HMAC with SHA-384

PureVPN

| colspan="2" |AES-256

|

|

|

|

SaferVPN

| colspan="2" | AES-256{{cite web |url=https://www.safervpn.com/vpn-protocols |author=SaferVPN |title=VPN Protocols |url-status=dead |archiveurl=https://web.archive.org/web/20180116203437/https://www.safervpn.com/vpn-protocols |author-link=SaferVPN |archive-date=2018-01-16 }}

| colspan="2" | 2048bit SSL/TLS

| colspan="2" | SHA-256

TunnelBear

| AES-128 (CBC){{efn|name=tunnelbear-aes|Only on iOS 8 and earlier. All other supported devices and operating systems use AES-256 (CBC).{{cite web |url=https://www.tunnelbear.com/blog/stronger-encryption/ |title=Rawwwr! Even Stronger Encryption |url-status=live |archiveurl=https://web.archive.org/web/20170814150250/https://www.tunnelbear.com/blog/stronger-encryption/ |date=2015-03-17 |archivedate=2017-08-14 }}|group=VPN_table02}}

| AES-256 (CBC)

| 1548 bit Diffie–Hellman{{efn|name=tunnelbear-handshake|iOS 9 and later use 2048 bit. iOS 8 and earlier use 1548 bit. All other supported devices and operating systems use 4096 bit.|group=VPN_table02}}

| 4096 bit Diffie–Hellman

| SHA-1{{efn|name=tunnelbear-data-auth|iOS 8 and earlier use SHA-1. All other supported devices and operating systems use SHA-256.|group=VPN_table02}}

| SHA-256

Surfshark

|AES-256

|AES-256 (CBC)

| colspan="2" |2048-bit Diffie–Hellman

|

|

Windscribe

| colspan="2" |AES-256{{Cite web |title=What kind of encryption does Windscribe use? {{!}} Windscribe |url=https://windscribe.com/knowledge-base/articles/what-kind-of-encryption-does-windscribe-use/ |access-date=2023-07-09 |website=windscribe.com}}

| colspan="2" |RSA-4096

| colspan="2" |SHA-512

Notes{{notelist}}

= Definitions =

The following definitions clarify the meaning of some of the column headers in the comparison tables above.

{{glossary}}

{{columns-list|colwidth=50em|

{{term|1=Anonymous payment method|2=Anonymous payment method {{anchor|Anonymous payment method}}}}

{{defn|1=Whether the service offers at least one payment method that does not require personal information. Even if a service accepts a cryptocurrency like bitcoin, it might still require that the customer hands over personally identifiable information (PII) like their full name and address.}}

{{term|1=Bandwidth|2=Bandwidth {{anchor|Bandwidth}} }}

{{defn|1=Whether the users' bandwidth is logged while using the service, according to the service's privacy policy.}}

{{term|1=Diskless|2=Diskless {{anchor|Diskless}} }}

{{defn|1=Whether the service's server hardware is connected to hard drives, according to the service provider. If the servers are diskless, the service provider should be unable to log any usage data.}}

{{term|1=First-party DNS servers|2=First-party DNS servers {{anchor|First-party DNS servers}} }}

{{defn|1=Whether the service provides its own domain name system (DNS) servers.}}

{{term|1=Kill switch|2=Kill switch {{anchor|Kill switch}} }}

{{defn|1=Whether the service has the ability to immediately sever your connection to the Internet in the event that the VPN connection fails. This prevents a user IP address leak.{{cite web |url=https://www.top10vpn.com/guides/vpn-kill-switch/ |title=What Is a VPN Kill Switch? |url-status=live |archiveurl=https://web.archive.org/web/20220802163519/https://www.top10vpn.com/guides/vpn-kill-switch/ |archivedate=2022-08-02 }}}}

{{term|1=Logging|2=Logging {{anchor|Logging}} }}

{{defn|1=Whether the service stores information about their users' connection or activity on the network, according to the service's privacy policy or terms of service. If logging isn't mentioned in those sections but denied somewhere else on the website, the particular table cell will be marked as "No" in yellow and include an explanatory note.}}

{{term|1=Privacy Impact Score|2=Privacy Impact Score {{anchor|Privacy Impact Score}} }}

{{defn|1=An indicator of a website's usage of potentially privacy intrusive technologies such as third-party or permanent cookies, canvas trackers etc.{{cite web |url=https://webcookies.org/doc/privacy-impact-score |title=Cookie Privacy Impact Score |url-status=dead |archive-url=https://web.archive.org/web/20171230101417/https://webcookies.org/doc/privacy-impact-score |archive-date=2017-12-30 }} The score can be in the range from 0 to 100, where 0 is minimal privacy impact (best) and 100 is the biggest privacy impact (worst) relative to other web sites. The score also has a simplified letter and colour presentation from A to F where A is "No cookies" and F is "Score above three standard deviations from the average". The metric is developed by WebCookies.org.}}

{{term|1=Obfuscation|2=Obfuscation {{anchor|Obfuscation}} }}

{{defn|1=Whether the service provides a method of obfuscating the VPN traffic so that it's not as easily detected and blocked by national governments or corporations.{{cite web |url=https://blog.torproject.org/obfsproxy-next-step-censorship-arms-race |title=Obfsproxy: the next step in the censorship arms arce / Tor Blog |author=Tor |work=Tor Blog |date=2012-02-16 |url-status=live |archiveurl=https://web.archive.org/web/20180111044351/https://blog.torproject.org/obfsproxy-next-step-censorship-arms-race |archivedate=2018-01-11 }}{{cite web |url=https://community.openvpn.net/openvpn/wiki/TrafficObfuscation |title=TrafficObfuscation - OpenVPN Community |author=OpenVPN |work=Wiki |url-status=live |archiveurl=https://web.archive.org/web/20180111044622/https://community.openvpn.net/openvpn/wiki/TrafficObfuscation |archivedate=2018-01-11 |author-link=OpenVPN }}}}

{{term|1=Offers WireGuard|2=Offers WireGuard {{anchor|Offers WireGuard}} }}

{{defn|1=Whether the service provider offers the WireGuard tunneling protocol.}}

{{term|1=SSL rating|2=SSL rating {{anchor|SSL rating}} }}

{{defn|1=The service's website's overall SSL server rating according to Qualys SSL Labs' SSL Server Test tool.}}

{{term|1=Supports Obfsproxy|2=Supports Obfsproxy {{anchor|Supports Obfsproxy}} }}

{{defn|1=Whether the service has an implementation of the Tor subproject Obfsproxy.}}

}}

{{glossary end}}

References

{{Reflist}}

{{commons category}}

{{VPN}}

{{DEFAULTSORT:VPN services}}

Category:Virtual private network services

Category:Internet privacy