Safety Measures
Evaluating VPN Security: What to Look For and What to Avoid
When consumers evaluate a VPN provider, they generally expect safety measures to be included by default to protect their internet connection. While this is true to some extent, it warrants a closer look.
Reputable VPN providers
Most reputable VPN services prominently advertise features like encryption, secure tunneling protocols, and DNS leak protection. These elements are considered industry standards, and customers can often rely on these features being present, as VPN services compete with one another.
It is still important to verify whether a provider actually delivers on their marketing claims and to take a closer look at any advanced protections offered to ensure maximum safety for your connection.
Security features are often assumed rather than verified, so it is wise to check a some during a trial period, especially if you are considering a VPN that is following rather than leading the market.
Generally speaking, the more details a provider offers, the more potential customers can verify.
Strong Encryption
Strong security is one of the most common reasons consumers look into VPN providers. While encryption is a fundamental feature for a legitimate VPN, many people are unaware that significant differences can arise even at this basic level between different providers.
As a general rule of thumb, we advise consumers to be cautious if a website for an unfamiliar VPN provider looks different but features text that closely resembles, or contains the exact same unique selling points, as those found on the top 10 VPN providers.
This is a very clear red flag. Unfortunately, dishonest VPN providers can easily and cheaply copy/paste information from market leaders, often without much editing. This is done when they know that many consumers will not verify details, such as the exact encryption standards upheld by the provider.
Encryption examples
Secondly, we advise consumers who want to do a bit of research to perform a quick Google search on terms like 'AES-256,' 'SHA-256,' and 'PFS,' as these are complex terms unfamiliar to the average user.
With a little effort, the results will likely look similar to these example answers:
AES-256 acts as a strong lock for your data, keeping it secure from prying eyes.
SHA-256 acts as a seal, ensuring that your data has not been tampered with.
PFS is a special code that protects your previous conversations even if the key is stolen later.
Privacy Protection
When selecting a VPN provider, consumers should rightfully expect that reputable services include essential security features such as DNS leak protection and a VPN kill switch.
These features are crucial for online privacy and ensuring that your internet traffic remains secure.
DNS leak protection This prevents your DNS queries, the requests made to translate website names into IP addresses, from bypassing the VPN tunnel, which would otherwise expose your browsing activity to your internet provider or allow other third parties to monitor your actions.
VPN kill switch This is another vital feature that automatically disconnects your internet connection if the VPN service drops unexpectedly. It ensures that your real IP address and sensitive data are not exposed in the event of a VPN failure, thereby maintaining your privacy and security.
The main challenges with these two features are improper implementation or dishonest representation from a VPN provider regarding the implementation of the feature across their list of supported devices.
To provide a small example of a typical dishonest representation:
What they are telling you: Yes, our service supports DNS leak protection and a sturdy VPN kill switch!
What they are not telling you: But it only works on a windows computer.
This simple example should immediately raise a red flag for Android, iOS, or Apple Mac users. Would you have noticed it if you only saw 'Yes, our service supports this' in an advertisement?
Split Tunnel control
A split tunnel feature is not necessarily a market standard for all VPN providers, but it is a highly valued feature offered by many premium VPN services and worth mentioning for your consideration.
It provides flexibility for users who want to route some traffic through the VPN while allowing other traffic to bypass it, which can be useful for a variety of reasons such as accessing local services.
Note that it requires users to have some technical knowledge, or at the very least, to examine this feature with a lot of caution, as more control also means a user error can have big consequences.
A similar warning can be made for VPN providers offering a split tunnel: developing an application to control this feature is not a task that can be quickly thrown together in haste to imitate a premium provider. It requires careful design and implementation to ensure it functions effectively and securely.
This feature, if copied by a dishonest provider without thorough testing, illustrates how things can go wrong with far-reaching consequences in a market where copying competitors has become the norm.
Safety summary
When choosing a VPN provider, it really is crucial to verify that they deliver on their advertised security features, such as examples above in strong encryption, DNS leak protection, and a VPN kill switch.
While many reputable providers include these essentials, not all do so effectively. Be cautious of providers that merely copy the marketing language of top services without proper implementation.
Advanced features like split tunneling can be beneficial but also require careful attention, so be sure to check provider details and consider trial periods to ensure the provider truly meets your needs.
DEVPN's solution
For a detailed overview on how DEVPN provides a solution for the above challenges, see this chapter.
Last updated