Last update: 07.05.2018

Overview

ProtonVPN is super-secure and has a great Free version. A bit of work will take it to the top!

For all its expansion, the VPN market has never had a decent free VPN choice. Enter ProtonVPN – the tool from the same CERN scientists (no, they won’t make a black hole) who have given us ProtonMail. They have set out to achieve a mammoth task, namely, to offer the world a free version of their VPN – one that is:

  • Secure
  • Not funded through malicious means
  • Not limited in terms of bandwidth or amount of data transferred

Sounds easier than it actually is! Virtual Private Networks are expensive to run badly and a downright lavish investment if run well. ProtonVPN does it admirably, but you can’t survive for free, so our ProtonVPN review will mainly focus on the full, paid version.

As the offspring of ProtonMail, this Swiss VPN does security the way very few services do. Aside from the expected super-tough encryption (AES-256, 2048-bit handshake), ProtonVPN has no confirmed leaking issues, a great kill switch, and some really cool bonus features. One of these is Secure Core – an interesting take on the multi-hop VPN. When you have this feature enabled, all server connections will take a detour through one of ProtonVPN’s hyper-secure servers in Switzerland, Sweden, or Iceland. If that’s not enough, you can try Tor over VPN and combine the anonymity given by the Tor network and VPN.

Beyond that, ProtonVPN is currently a product under construction. The company takes the quality-over-quantity approach and is avoiding half-baked features. The 116 servers in 15 locations don’t convert into a lightning-fast connection, and there’s still no iOS app. You won’t have a great time of accessing geo-blocked streaming platforms like Netflix or BBC iPlayer, and it’s not the best choice for users in China. ProtonVPN is extremely easy to use and has beautiful, economical clients, but is yet to introduce a live chat support function.

Aside from the Free plan, there are 3 paid plans, ranging from cheap and not very powerful (Basic at 5 € a month or 48 € a year), to reasonable and functional (Plus at 10 € a month or 96 € a year), to business class (Visionary at 30 € a month or 288 € a year).

We‘re confident that ProtonVPN will eventually become one of the best tools on the market. For the time being it lives on niche appeal and its Free version.

Contents

Is ProtonVPN safe to use?
Speed & Performance
How to install it
How to use ProtonVPN
Apps & Extensions
ProtonVPN for Netflix
ProtonVPN for Torrenting
ProtonVPN for China
Support
Pricing
ProtonVPN Free Version
Bottom Line

Is ProtonVPN safe to use?

The stated goal of ProtonVPN is to provide better security and privacy than other VPN services. It’s far from unique to say something like that – VPN companies do it all the time. You can always call them out, but they will answer with something about their “top-notch encryption”, “no DNS and IPv6 leaks”, “no logging policy”, and then you can have a long, adversarial dialogue to uncover the true meaning of these marketing claims. We did some digging for this ProtonVPN review and can say that it’s a very different beast – the company actually has a few things to say about privacy and security! Honestly, it’s understandable, if for no other reason than the reputation of ProtonMail (the biggest and safest encrypted mail service).
Let’s have a look at just what you’re getting with ProtonVPN!

Security features

Secure VPN products require a comprehensive, all-encompassing approach. We begin with the basics – encryption. Like many of the best tools on the market, ProtonVPN uses an AES-256 cipher with a 2048-bit RSA handshake and HMAC SHA 256 authentication. That’s a technical way of saying “it would take the computing power of the whole world all the time in the universe to break this encryption”. Granted, this isn’t unique, and some VPN services offer even greater encryption. At this juncture, we’d just like to say that there is no such thing as more unbreakable.

ProtonVPN offers DNS leak protection on the client side as well as a private DNS network. This should ensure the prevention of most DNS leak situations. We are currently unaware of any ProtonVPN vulnerabilities in this department, but let’s see just what that means! Whenever you enter some URL into your browser address bar, the first thing your computer must do is translate the hostname into an IP address. For that to happen, it must contact a DNS (Domain Name Server), which performs the function of a digital phone book. If your VPN service has no DNS leak protection feature, sometimes these DNS requests will be executed outside the VPN tunnel by your regular ISP-provided DNS. In practice, that means you’re telling your ISP what you’re doing on the internet! ProtonVPN is one of the services where this type of thing is highly unlikely.

There have been reports that ProtonVPN is susceptible to the notorious WebRTC leak. This would mean there is the potential to leak your IP address through the browser’s WebRTC functionality. However, at the moment tests show that this is not the case. The situation with IPv6 leaks is less clear, but any allegations about ProtonVPN’s IPv6 leaks lack substantiation. All in all, we can say that this is a leak-free VPN service.

The only security protocols offered by ProtonVPN are OpenVPN (UDP/TCP) and IKEv2 (must be installed manually). While the lack of choice is less than optimal, these protocols offer the greatest level of protection, and therefore nothing to complain about. That being said, OpenVPN will not work for users in China and possibly other restricted countries either – more on that later.

Extra security layers

One of the primary reasons ProtonVPN stands out in the VPN space is the bonus protection given by unique features. The first one of these is something called Secure Core – a type of multi-hop function. The reason ProtonVPN created this function is to minimize the risks posed by compromised VPN servers. Simply put, if an observer is snooping on a VPN server you are connected to (we won’t get into how), they can use something called timing or correlation attacks to match data entering the server to data leaving the server, thus learning about your online activity. Needless to say, this shouldn’t keep the regular user up at night. ProtonVPN is not aimed at the regular user, so they offer a fix.

Let’s imagine you want to use a VPN server in the UK, and that particular server is compromised. Well, with Secure Core turned on, the traffic will pass through one of ProtonVPN’s Secure Core servers in Switzerland, Iceland, or Sweden, so it will arrive at the UK server already encrypted (and thus useless).

What if one of these Secure Core servers gets compromised? To solve this potential issue, only ProtonVPN’s own servers are used – only their staff has access to the servers and they are located in physically secure locations. The Switzerland and Sweden datacenters are located underground, whereas the Iceland data center is on a former military base. As a side note, if that doesn’t get your inner child going, nothing will!

ProtonVPN also offers something called Tor over VPN, combining the security provided by one and the other. The Tor network is a free browser and network, widely used for anonymity around the world. Using Tor makes your road to the host server more complex. Instead of going directly, the request is encrypted and sent through a series of relays. Each relay has the key to remove a layer of encryption (or to add a layer of encryption), but none have the means to fully encrypt or decrypt the message. The traffic then comes back along the same route, but in reverse order – adding levels of encryption until the fully encrypted data comes back to the user. Tor is a powerful but imperfect tool that needs improvement. That’s what the combination of Tor and VPN does – using both makes the job of the snooper a lot more difficult!

Finally, ProtonVPN has an effective kill switch. If your VPN connection drops for some reason – the program will stop all traffic and prevent your IP from leaking.

Legal context

Whenever we consider the security and privacy of a VPN service, it is useful to know where the VPN is based and what their Privacy Policy is. The two are related – sometimes you’ll see VPN providers scream at the top of their lungs about their zero-logging policy whilst based in a country like the UK (where data retention is legally mandatory).

ProtonVPN is not the only provider based in Switzerland (e.g. VyprVPN is also registered there). The reason is simple – Switzerland has no data retention laws and is not part of the 5 eyes/14 eyes country groups. This latter fact means they’re not part of the extensive intelligence-sharing framework many Western countries belong to.

According to ProtonVPN’s Privacy Policy, the only data logged by the VPN during your sessions are the timestamps of your last successful login attempt: Each time a user connects to the Service, we only monitor the timestamp of the last successful login attempt. This gets overwritten each time you successfully log in. This timestamp does not contain any identifying information, such as your IP address or your location; it only contains the time and date of the login. This is far less than many other VPN providers collect and shouldn’t be of much concern. ProtonVPN also seems very transparent with what information they do or don’t log at various points of interaction with the service: using the website, signing up, paying, using the VPN, etc.

This is very satisfactory and stands in line with ProtonVPN’s declared stance on security/privacy.

Speed & Performance

It can’t all be perfect – ProtonVPN’s speed and performance certainly aren’t. Some VPN service providers are able to reconcile security and speed, but that doesn’t make it easy. For example, NordVPN has very comparable security credentials to ProtonVPN and decent speeds. How? By having 4,500+ servers – that’s how! ProtonVPN has a measly 116 servers in 15 countries, so the low speeds are not so unexpected. With that said, they’re not so bad with low-distance connections. As a matter of fact, they’re quite comparable to the connection speeds of top VPN services. It’s when you try to go to a different continent that the troubles arise.

Keep in mind that we’ve been testing the connection using one of the premium plans – ProtonVPN Free and Basic versions demonstrate even worse results. In the end, perhaps this point is moot because buying ProtonVPN for the speed is not a great idea, to begin with…

How to install it

Very simple if you’re a Windows, Mac or Android user. Here’s what you do:

  1. Go to ProtonVPN’s website and click “Secure your internet”.
  2. Select a pricing plan (Free, Basic, Plus, or Visionary).
  3. Select whether you’d like to pay monthly or annually.
  4. Create an account or use your ProtonMail account. You can use any email address, making this an anonymous process.
  5. Select a payment method and make the payment. Unfortunately, there‘s no crypto option available here.
  6. Choose your device: Windows, Mac, Android, or something else.
  7. Download an run the installer.
  8. The installation itself is very simple. All you‘ll have to do is choose an installation directory and click next a few times (for Windows, but other apps are similarly easy to install).

How to use ProtonVPN

So, you’ve installed ProtonVPN and now you’d like to get all that security and privacy going. We’ll have a look at the Windows version of the app to see how it works. Run the client!

The first thing to do when you turn ProtonVPN on is to log in. You will have received the credentials via email – just enter them and you’re good to go. You will find this an easy app to navigate – it has a huge map and is not cluttered at all. Every option has useful explanations. We also think it looks very nice, but then again, perhaps that’s just our affinity for sci-fi talking!

On the primary screen, you’ll see a map, which you can zoom into and out of using the bar at the top right. Hovering on the little triangles will reveal what country the VPN server is based in. If you then hover over the country name, it will change into a “connect” button – a quick way to connect to a specific location. When you’re connected, the bottom part of the interface will show the duration of your session and a graph of your download/upload stats – volume and speed.

This screen gives you other connection options as well. On the top left you should notice a “Quick connect” button, which will connect you to a server nearest to your location. Below there is a “Search” tab and a list of countries with ProtonVPN servers. Each country can be expanded to reveal the list of servers. You can connect to a country or specific server by hovering over the menu item and clicking “Connect”. All very self-explanatory except the little icons to the right of the country/server. The little onion icon means it’s a Tor over VPN server – if you connect there your traffic will go through the Tor relay network…very slowly! The two opposing arrows mean the server allows P2P traffic (if you want to torrent).

If you turn “Secure Core” on, all your traffic will go through ProtonVPN’s hyper-secure servers in Switzerland, Sweden, or Iceland. This will also considerably slow your connection down.

There are two more things to discuss here – Profiles and the “hamburger” menu. In “Profiles”, you can set parameters for a quick VPN connection or choose an already-created profile and connect using it. If you click “Create Profile”, ProtonVPN will ask you:

  • To choose the server type you want to connect to (Standard, Secure Core, P2P, Tor).
  • Create a Profile name
  • Pick a color
  • Choose the protocol for your OpenVPN connection (UDP or TCP). The basic premise behind this choice is that UDP is faster and less stable, while TCP is slower and more stable.
  • Select the country (if you want to connect to a Standard server) and the specific server

The hamburger menu has a number of choices, but we’ll only discuss the “Settings”. Here are your choices:

  • Auto Connect. You can enable or disable it and choose how the auto-connect feature behaves – whether it always connects to the Fastest server, Random server, or follows the parameters of one of the Profiles.
  • Quick Connect. Choose how the “Quick Connect” button behaves (similarly to Auto Connect).
  • Default Protocol. Either UDP or TCP – great choice to have, especially if you don’t have the most stable connection (in which case you might want to try TCP). This can be confusing for anyone who has read about OpenVPN and can’t find it on the list. The security protocol is actually OpenVPN – you’re just choosing the kind of OpenVPN.
  • Start with Windows (enable/disable).
  • Start Minimized (enable/disable).
  • VPN Kill Switch. This is an important feature, which is “Off” by default. We recommend turning it “On”. If your VPN connection drops (which, to ProtonVPN’s credit, doesn’t happen much), the Kill Switch will stop all your network traffic. If it’s disabled, you risk revealing your IP – the exact opposite of what you were trying to achieve with ProtonVPN.
  • DNS Leak Protection. There is absolutely no reason why this should be switched off!
  • Show notifications (enable/disable).
  • Early Access. ProtonVPN will offer you early version updates. Enable at your own risk – early versions can be, and often are, unstable.

In short, there isn’t much room to get lost in with ProtonVPN – the tool feels spacious but uncluttered. It’s very functional but obviously lightweight. Don’t expect to be wowed by the number of features!

Apps & Extensions

This is where it becomes plainly obvious that ProtonVPN is a work in progress. Custom apps exist only for Windows, Mac, and Android. Tough luck, iPhone and iPad people! To be fair, you can still use ProtonVPN with iOS, routers, and Linux (you’ll just have to do it in a roundabout way).

ProtonVPN on Mac is largely identical to the Windows version – the interface looks the same, and the functions are no different either. Android is slightly different and has less to offer. There is no Kill Switch and the VPN uses IKEv2 instead of OpenVPN. These to points require additional comment:

  • If you want to have a Kill Switch on your Android device (which you do), you can use an external native Android feature to perform the same function. Android 7+ has something called Always-on VPN and you can use it to prevent connections that go outside the VPN tunnel.
  • Security-wise, IKEv2 is just as good as OpenVPN. You might even consider it superior to mobile devices due to the protection it gives from leaks at the point where your connection goes from Wi-Fi to Mobile Data. With that said, IKEv2 might not work in every situation
  • If you want to use OpenVPN on your Android device, you can – just download the OpenVPN app and run ProtonVPN through it.

In general, ProtonVPN is quite mobile-friendly and should leave most users happy. We just have to wait for the iOS version and a function upgrade!

ProtonVPN for Netflix

It’s been a while since Netflix declared a war on VPN services. Since then, many have fallen to the server bans, one by one. So, what are we bored people to do? Might ProtonVPN save us?

The answer is not very clear-cut and it seems that ProtonVPN and Netflix are neck-and-neck in this race. At one point, ProtonVPN was a reliable tool for the popcorn-minded, but then it was fully banned. Now? You can get it to work with the help of ProtonVPN support, but let’s be clear – this is far from the most reliable tool for the job. Neither is it the cheapest (good luck getting a stream upon the free version of ProtonVPN!).

ProtonVPN for Torrenting

Torrenting makes up for a huge portion of the VPN user base. We guess people don’t enjoy paying enormous fines for copyright violations. Who could’ve known!

ProtonVPN is good for torrenting if you’re in the right location and pretty bad elsewhere. The awesome security credentials make ProtonVPN a natural choice for torrent users. Unfortunately, P2P traffic is not allowed on every server – only servers in the Netherlands, Singapore, and Sweden. That should be sufficient if you’re based in Europe or the Far East. In the US? Not so much. The speeds will suck!

ProtonVPN for China

This VPN would be a good choice for Chinese users due to the level of security it provides. Unfortunately, it does not work or at least not reliably.

The basic issue is this: China is using something called Deep Packet Inspection (DPI) to block encrypted OpenVPN traffic. DPI is a way of analyzing meta-data to distinguish VPN traffic. Once the ISP can tell the VPN traffic from the non-VPN traffic, it can impose blocks on it. VPN providers have been employing three methods to solve this issue:

  • Obfuscated servers. VPNs like ExpressVPN and NordVPN have these stealth servers that China has been unable to block.
  • Anti DPI protocols. VyprVPN and HideMe offer security protocols created with the express purpose of fooling DPI
  • L2TP. VPN services such as PIA (read our PIA Review) have instructed their users to use the less-safe L2TP protocol. This works but is not a long-term solution.

ProtonVPN has none of these weapons in their arsenal and is therefore not a great choice for users in China. This may or may not be the case in other restricted countries (Russia, Iran, Turkey, UAE, etc.) – get a free trial to find out!

Support

The stuff on ProtonVPN’s site is good. Although the self-help material is not abundant, it’s well-written and covers most basic topics. If you have a question not covered by any of the articles on the site – fill out a support ticket and you’ll eventually receive an informative answer. Only it might not come quickly as ProtonVPN Free brings lots of inquiries!

ProtonVPN also has their own subreddit on Reddit.com, which is a transparent and efficient way of dealing with various questions.

Either way, the issue isn’t with the support that is there – it’s what isn’t there that’s the problem! ProtonVPN has no live chat function, so there’s no one to deal with urgent and/or quickly fixable problems. This is below the current standards established by the top names on the market. We hope something is in the works at CERN!

Pricing

Let’s dive into the rather complicated set of pricing plans. There are 4 of them. In order of price – ProtonVPN Free, Basic, Plus, Visionary. We’ll discuss them in reverse order because then we can start with the full set of features and go back into the limited Free version.

    • Visionary: 30 € a month or 288 € billed annually

Includes all the features we’ve discussed in this article, allows an impressive 10 simultaneous connections and includes the Visionary subscription of ProtonMail (on its own 30 € a month or 288 € billed annually).
If you just need the VPN, that’s an outrageous price. Otherwise – a good deal!

    • Plus: 10 € a month or 96 € billed annually

All features except ProtonMail Visionary, 5 simultaneous connections.
This is probably what most paying users will have their eyes on. It’s decently-priced and a good choice for the security-minded.

    • Basic: 5 € a month or 48 € billed annually

No ProtonMail Visionary, no Tor Servers, no Secure Core, no “Plus Servers” (premium, faster servers). 2 connections simultaneously.
If it’s a cheap and functional VPN you need, get something like PIA or PrivateVPN. Without the security features and with less connection speed, ProtonVPN is not worth this much money!

ProtonVPN Free Version

We’ve made our stance on free VPN services very public. They’re either getting money from you in less transparent ways, or they’re so restricted as to be borderline useless.

Most of the VPNs in the second category are similar to ProtonVPN – they have both a free version and a paid version. The free version usually limits your bandwidth or how much data you can transfer a month; some will limit the number of server switches you can make and so forth. These restrictions are very crippling. In contrast, ProtonVPN Free is not so bad!

The free version of ProtonVPN won’t give you ProtonMail, Tor servers, Secure Core, or Plus Servers. It will also limit you to 1 connection at a time and 3 countries to connect to. BUT, it will not limit your bandwidth, how much you can download, or how many times you can switch servers. That’s the best free VPN deal we’ve seen so far.

Bottom Line

To end our ProtonVPN review, we can say that this is an extremely ambitious project. The guys at CERN are trying to create one of the most secure VPN services and one that has a free version. We’ve seen successes and we’ve seen points where improvements will be necessary. ProtonVPN is already the best choice for those who want a free VPN. It’s also a good selection for very specific situations (e.g. if you’re based in Europe and need to feel extremely safe online). For the rest of us – let’s grab some popcorn and watch this one unfold!