Disclaimer: Affiliate links help us produce good content. Learn more.
When the digital highway is kind of flooded with 1,000+ VPN providers, you need to make sure you get the best. But can you rely solely on their official websites and all the promotionally wrapped claims? If all those were true, we’d be living in a perfect world.
But we’re not here to feed this pink bubble with more hot air. We’re here to burst it.
We believe that it’s crucial to do thorough research and VPN tests before choosing a specific VPN service. After all, it’s your anonymity and security that’s at stake here.
Believe it or not, for some users, this could mean a life or death situation in the worst case scenario. Think of investigative journalists, political or environmental activists, hackers, or simply privacy-conscious internet users.
Nonetheless, if you’re a general user who has a family, possibly with kids, wouldn’t you want to feel safe from cybercriminals? Because the so-called “prying eyes” don’t just include governments, authorities, and ISPs (Internet Service Providers). There are cybercrooks like bullies and malicious hackers who can’t wait to steal and abuse your personal information.
Cyber attacks affect the lives of hundreds of millions globally every year.
Of course, we also understand the all-too-frequent reaction of “this would never happen to me.” Yet data breaches, leaks, and cyber attacks affect the lives of hundreds of millions globally every year. To be more precise, in 2018, the Aadhaar incident in India alone leaked approximately 1.1 billion citizens’ private information, including bank account details. But we could also mention the Marriott scandal with its database breach affecting 500 million guests.
Such cyber threats may be more real than finding a gnome in your room stealing your socks. So why not try to avoid them, right? Even more so when you can actually do something about it, like protect yourself with a VPN solution.
This is why we’ve dedicated this website to cybersecurity and VPN services in particular.
And now, we’d like to uncover and share with you the vital factors, features, and issues our VPN test policy targets:
- Connection: how and why to check VPN connection, what happens if your connection drops
- Location: where the VPN provider is based and how that might also be relevant to your online security and privacy
- Speed: how fast download and upload speeds are from your physical location (no matter what some reviews may claim about a VPN)
- Versatility: streaming, P2P, and platform support
- Pricing: free trial option, pricing plans, money-back guarantee, refund policy, payment options
These are also the criteria we use every time we test a service for our VPN reviews. Let us guide you through each area and show you how you can run these essential VPN tests yourself. And, naturally, what related free tools are at your disposal on the web.
VPN privacy and security
Our review team believes that the privacy and security level of a VPN is the most critical factor of all. If a VPN solution has an obscure logging policy, may collect too much information or leak data, it’s no use to a serious anonymity seeker.
The following will explain how we run our VPN test on privacy and security to find out whether it’s a safe one to use. If you have time, you can do the same to check for yourself.
Watch out for sentences like this:
“For website traffic and data through our VPN, we do not log or store any website or traffic data for a user for any period of time…”
Because it may carry on saying:
It’s also a recurring issue when we run our VPN test for privacy that what’s claimed in paragraph 2 could be rephrased with the opposite meaning in paragraph 5. Beware of such tricks and keep your eyes open.
VPN data sharing scandals
Even if everything seems just fine with the legal documents, it doesn’t mean the VPN provider hasn’t shared data with the authorities. We’re not saying that this happens on a daily basis. But there have been a few cases in the past years that hit the VPN user community hard where it hurts the most.
PureVPN’s controversial FBI case is probably one of the most well-known. In this case, PureVPN, a Hong Kong-based provider, shared personally identifiable data with the FBI. All this while claiming no logs, of course.
The question is: how can you trust a VPN that has such a history of sharing?
You shouldn’t accept any excuse for personally identifiable data sharing.
We know the saying, “sharing is caring,” but when it comes to your online anonymity and security, you should have no mercy. In other words, you shouldn’t accept any excuse for personally identifiable data sharing. And, it’s not about letting all kinds of weirdos like cyberstalkers use a VPN for illegal activities.
But why would you trust a no logs policy claimer that happens to log personal information about you? Isn’t it your primary reason to use a VPN to not be identified, snooped on, or monitored by Big Brother?
Therefore, we always research the possibility of previous data leaks or scandals as a basic VPN test.
This is a somewhat grey area, to be frank. Some VPN reviewers say that the VPN location is an important factor, some doubt its relevance. One thing’s for sure: it’s a bit controversial to have a VPN based in a surveillance-friendly country. No wonder why some market leaders have their base in Panama, The British Virgin Islands, or Romania.
In the 14 Eyes countries, including the US, the UK, Canada, Germany, and Sweden, the authorities can force data center hosts and VPN providers to share metadata of users. These countries can also share such information among themselves.
This is why it’s vital to understand the logging policy of a VPN. If or when a true no-logs policy VPN is forced to share user data, the authorities would come up empty-handed. A good example is the ExpressVPN case in Turkey. In this case, the Turkish authorities seized an ExpressVPN server but ended up with no useful data. Now, this is what we call true no logs policy.
If possible, choose a VPN service that’s based in a privacy-friendly country. But, if you’re not convinced that VPN location matters at all, select one that has a convincing no-logs policy.
When running a VPN test, it’s essential that we’re aware of its security features, including the supported VPN protocols and functions that provide an extra layer of security. The most frequently used protocols are PPTP, L2TP/IPsec, IKEv2, and OpenVPN.
Some VPNs have no OpenVPN support. If these don’t offer their own bulletproof open-source protocol, they will fail our VPN test.
We believe that a decent VPN service has to have OpenVPN supported since that is the mostly recommended protocol today. Some VPNs have no OpenVPN support. If these don’t offer their own bulletproof open-source protocol, they will fail our VPN test. Of course, this also depends on your situation, i.e., what platform you’re using. It’s possible that you’ll be all fine and secure with L2TP or IKEv2 on a mobile device, for instance.
While these tunneling protocols are usually paired with some kind of encryption (AES-256), your anonymity may not yet be the best. Fortunately, some of the best VPNs on the market offer extra layers of protection. So when you test a VPN, you may want to check its other security features too.
You’ll recognize a more serious VPN when it has any or all of these features:
- Multi-hops or Double VPN: your internet traffic is routed across multiple hops in the VPN server network to take the most secure route.
- Onion over VPN: your internet traffic goes through one of the VPN servers, and then, through the Onion network before reaching its destination.
- Obfuscation, Stealth VPN, Stunnel: this function removes the metadata from your internet traffic packet header so that it can’t be identified as VPN traffic. This is mostly useful in countries like China, when the use of VPNs is limited or banned.
- Kill switch: one of the most important features a good VPN test has to look at is the kill switch. First of all, you need to check if the VPN has one at all. If not, you might leak personal information. Thus, such a VPN can’t protect you online.
Kill switch test
Having a kill switch is one thing. Unfortunately, sometimes you’ll find VPNs with a faulty kill switch, which simply couldn’t keep you anonymous. Therefore, it’s important that you test it.
There are two types of kill switches. First, the App Kill Switch and second, the Internet Kill Switch. Make sure you know which type your chosen VPN has.
The App Kill Switch is for configuring specific applications to kill when your VPN connection might drop unexpectedly. The Internet Kill Switch, when turned on, won’t allow any application to access the internet until a VPN connection is (re)established.
Some VPNs offer both of these kill switches, while some may only have one that works as an Internet Kill Switch.
In any case, turn on your kill switch in the Settings menu of your client. Connect to a VPN location, and then launch your browser. Visit a website. Now, disconnect from the VPN server. Once the connection drops, your browser (and any other apps using the internet) should exit right away. You’ll only be able to access the internet if you establish a VPN connection again.
But this is still not the end of our VPN test regarding security and privacy. There could be other types of leaks too.
VPN connection test
When you test VPN security, it’s crucial that you do a VPN test on connection. You need to check if your VPN is really spoofing your IP so that you appear to be at a “fake” location. Some VPNs may claim to connect you to their China server, but you’ll find that your new IP is in Pakistan. This could be due to virtual servers or a bug in the VPN app, for example. Still, you want to be sure that you appear to be where you want to be virtually, right?
These IP lookup sites can provide you with just enough information to see whether your VPN has connected to a server in your desired location. If the IP address and location don’t match yours, bingo! You will appear to the whole wide world as a user from your spoofed location. Unless, of course, there’s a leak.
VPN leak tests
Possibly the worst thing that can happen to you while using a VPN is that it leaks your true IP address or your DNS requests. If that ever happened, it would be easy for prying eyes (ISPs, authorities, and hackers) to link specific online activities to you personally. Moreover, your physical location would also be revealed to snoopers.
In plain English, if your VPN leaks sensitive information, you’re not anonymous anymore. This may not be a big issue for a lot of everyday users. However, think of activists and journalists. Their life could depend on it. As for the common user, they might be profiled and targeted by third-party advertisers in a less dangerous scenario.
But, unfortunately, not all users of the digital highway are benign. Cybercriminals like cyberbullies and cyberstalkers are out there trying to hack into anyone’s online devices. They may get lucky and steal personal data, including banking details, account information, and family photos. What you see in movies is mostly reality already – well, regarding IT and hacking. These crooks can actually steal your identity and use it to commit all kinds of fraud.
Hopefully, you see now why it’s essential to test VPNs thoroughly. VPN reviews can help you find out whether a VPN has a tendency to leak data or not. However, if you want to see it for yourself, you can use a couple of generally trusted websites too.
First and foremost, we use ipleak.net that can run VPN tests for IPv4/IPv6/DNS/WebRTC leaks as well as show your approximate location. At the bottom of this VPN leak test page, you can also see your browser-related details that can be retrieved and used as a “fingerprint.”
The other three websites we recommend are dnsleak.com, dnsleaktest.com, and ipleak.org. We mainly use these to double-check our findings when the results are somehow questionable. Naturally, you’ll find several more similar sites if you search the web for “IP DNS leak test” keywords.
In any case, these above sites should give you a proper VPN test regarding leaks.
Some market leader VPNs protect you against WebRTC leaks, but definitely not all available services. This leak type is related to real-time communication apps like Messenger and Skype. When you’re using such an app in your Chrome, Firefox, or Opera browser, it may leak sensitive information like your IP address.
This is essentially a browser vulnerability, but you can find instructions on the web to disable WebRTC. However, this may affect the operations of your apps relying on this built-in feature. Thus, the best solution is to find a VPN that can protect you against this leak.
Apart from ipleak.net we mentioned before, you can also use browserleaks.com to test your VPN for WebRTC leaks.
VPN speed test
When we write in our reviews that “this VPN has blazing fast speeds,” do you take it for granted? Well, if you consider us an authority in the VPN field and you’re convinced that our word is as good as gold, you probably would.
But we still encourage you to run your own VPN tests for speed. This is another testing area that can’t yield results with precision; i.e., ones that are true for all users. You may experience completely different download and upload speeds in your location.
So, if you’re ready to put your VPN to the test, use either speedtest.net or speedof.me. Before running any VPN test though, we suggest that you establish your baseline speeds. This means that you should run a speed test without connecting to a VPN server first.
VPN platform support
A lot of VPN service providers only support the primary platforms: Windows, Mac OS, iOS, and Android. But, you may need a VPN for other platforms. Therefore, we suggest that before you check VPN connection, VPN speed, VPN leaks, or anything else, you make sure that your platform is supported. Since our primary concern is privacy and security, we generally follow the VPN test order in this post.
It’s easy to access this information if you visit the VPN’s official website. Keep in mind that for some platforms manual configuration may be needed. The dedicated instructions are usually easy to follow.
In addition to the primary platforms, better VPN services usually support Chrome, Firefox, PS3/PS4, Xbox, Kodi, Amazon FireTV, and Smart TVs. Why would you waste time with VPN tests if your platform is not even supported, right?
Some VPNs may have a fine Windows client. However, the Android or browser client may be clunky, or even leak information. If you don’t have the time to test each platform you want to use with a VPN, read our related VPN review to find out more. Or, just search the web to find out any issues in connection with a specific VPN and platform.
VPN live chat support test
A thorough VPN test without checking the live chat support is, again, like a car with three wheels. When using VPN software, there can always be some technical or other issues. Without effective and helpful live chat support you’ll only have a headache and frustration.
We suggest that you always test the live chat support through the website. There’s usually a Chat or Help button in the bottom left or bottom right corner of the webpage. Make sure you talk to a real human because some VPN services use bots to give you automatic responses. While this may be useful in a few easier cases, in others, it may be totally useless.
Imagine that you urgently need to connect to your company’s website from abroad to upload vital data, but your VPN fails to do so. You’re pressed for time. Only an effective live chat support agent can save the day in such a case. So, if you need a proper service, choose a VPN that has excellent support. As simple as that.
Apart from the pricing plans, you should always check if there are some other factors related to pricing worth considering. First of all, if you really want a decent VPN test, you need to test it yourself. Of course, you can always rely on up-to-date VPN reviews and comparisons as well. But you need to trust the website you choose.
There are two options for you to test a VPN for free. First, there may be a free version or a free trial version. This free VPN could be somewhat limited. Read the related information on the VPN website before you may get disappointed. Second, if there’s a money-back guarantee, you can use that to go through the VPN tests. Keep in mind that some providers may have conditions for a refund.
Speaking of money-back guarantee, in general, a VPN may offer a 3-day, 7-day, 30-day, 31-day, or 45-day money-back guarantee. But even if it’s offered, you’d better check the refund policy and practices. You may find out that a VPN will come up with all kinds of excuses or delay the refund. Market leaders normally guarantee a 100% refund with no questions asked.
Yet another important area in a VPN test is to explore the payment methods. Questionable or less-recommended VPNs may only support the primary payment methods, such as credit/debit cards and PayPal. This should be all fine if you’re not looking for the best privacy option.
If you need real privacy though, you’ll want a VPN that offers anonymous payment like cryptocurrency (Bitcoin).
Hopefully, our in-depth VPN test policy description helps you choose the best protection for your online activity. As you can see, leaving out just one of these VPN test steps could put you in danger. That’s why it’s so crucial to test VPN security and privacy.
And luckily, this is why we’re here too. All our reviews follow these above steps to decide whether a service is safe enough to use or not.
We tried to make all this easily digestible — but in all honesty, it can take a lot of time. There could be users who just wouldn’t spend this much time to test several VPN services to find the right one.
Disclaimer: Affiliate links help us produce good content. Learn more.
Ethan is a security researcher and digital privacy advocate. He spends his time unraveling various anonymity and security tools, plus contributing to open-source projects. Otherwise, he keeps a low profile by hiking or cycling around the countryside.