Last update: 01.23.2019
ProtonVPN is super-secure and has a great Free version. A bit of work will take it to the top!
For all its expansion, the VPN market has never had a decent free VPN choice. This ProtonVPN review presents you the tool from the same CERN scientists (no, they won’t make a black hole) who have given us ProtonMail. They have set out to achieve a mammoth task, namely, to offer the world a free version of their VPN – one that is:
- Not funded through malicious means
- Not limited in terms of bandwidth or amount of data transferred
Sounds easier than it actually is! Virtual Private Networks are expensive to run badly and a downright lavish investment if run well. ProtonVPN does it admirably, but you can’t survive for free, so our ProtonVPN review will mainly focus on the full, paid version.
As the offspring of ProtonMail, this Swiss VPN does security the way very few services do. Aside from the expected super-tough encryption (AES-256, 2048-bit handshake), ProtonVPN has no confirmed leaking issues, a great kill switch, and some really cool bonus features. One of these is Secure Core – an interesting take on the multi-hop VPN.
When you have this feature enabled, all server connections will take a detour through one of ProtonVPN’s hyper-secure servers in Switzerland, Sweden, or Iceland. If that’s not enough, you can try Tor over VPN and combine the anonymity given by the Tor network and VPN.
Beyond that, and beyond the fact that they have some beautiful apps, ProtonVPN is currently a product under construction. The company takes the quality-over-quantity approach and is avoiding half-baked features. The 347 servers in 31 locations don’t convert into a lightning-fast connection. It’s not the best choice for users in China and the live chat support is not yet available 24/7.
Aside from the Free plan, there are 3 paid plans, ranging from cheap and not very powerful (Basic at $5 a month or $48 a year), to reasonable and functional (Plus at $10 a month or $96 a year), to business class (Visionary at $30 a month or $288 a year). You can pay for it using BitCoin, too!
We‘re confident that ProtonVPN will eventually become one of the best tools on the market. For the time being it lives on niche appeal and its Free version.
Is ProtonVPN safe to use?
The stated goal of ProtonVPN is to provide better security and privacy than other VPN services. It’s far from unique to say something like that – VPN companies do it all the time. You can always call them out, but they will answer with something about their “top-notch encryption”, “no DNS and IPv6 leaks”, “no logging policy”, and then you can have a long, adversarial dialogue to uncover the true meaning of these marketing claims.
We did some digging for this ProtonVPN review and can say that it’s a very different beast – the company actually has a few things to say about privacy and security! Honestly, it’s understandable, if for no other reason than the reputation of ProtonMail (the biggest and safest encrypted mail service).
Let’s have a look at just what you’re getting with ProtonVPN.
Secure VPN products require a comprehensive, all-encompassing approach. We begin with the basics – encryption. Like many of the best tools on the market, ProtonVPN uses an AES-256 cipher with a 2048-bit RSA handshake and HMAC SHA 256 authentication. That’s a technical way of saying “it would take the computing power of the whole world all the time in the universe to break this encryption”. Granted, this isn’t unique, and some VPN services offer even greater encryption. At this juncture, we’d just like to say that there is no such thing as more unbreakable.
ProtonVPN offers DNS leak protection on the client side as well as a private DNS network. This should ensure the prevention of most DNS leak situations. Our ProtonVPN review team is currently unaware of any ProtonVPN vulnerabilities in this department, but let’s see just what that means! Whenever you enter some URL into your browser address bar, the first thing your computer must do is translate the hostname into an IP address.
For that to happen, it must contact a DNS (Domain Name Server), which performs the function of a digital phone book. If your VPN service has no DNS leak protection feature, sometimes these DNS requests will be executed outside the VPN tunnel by your regular ISP-provided DNS. In practice, that means you’re telling your ISP what you’re doing on the internet! ProtonVPN is one of the services where this type of thing is highly unlikely.
There have been reports that ProtonVPN is susceptible to the notorious WebRTC leak. This would mean there is the potential to leak your IP address through the browser’s WebRTC functionality. However, at the moment our tests for this ProtonVPN review tests show that this is not the case. The situation with IPv6 leaks is less clear, but any allegations about ProtonVPN’s IPv6 leaks lack substantiation. All in all, we can say that this is a leak-free VPN service.
The only security protocols offered by ProtonVPN are OpenVPN (UDP/TCP) and IKEv2 (must be installed manually). While the lack of choice is less than optimal, these protocols offer the greatest level of protection, and therefore nothing to complain about. That being said, OpenVPN will not work for users in China and possibly other restricted countries either – more on that later.
Extra security layers
One of the primary reasons ProtonVPN stands out in the VPN space is the bonus protection given by unique features. The first one of these is something called Secure Core – a type of multi-hop function. The reason ProtonVPN created this function is to minimize the risks posed by compromised VPN servers. Simply put, if an observer is snooping on a VPN server you are connected to (we won’t get into how), they can use something called timing or correlation attacks to match data entering the server to data leaving the server, thus learning about your online activity. Needless to say, this shouldn’t keep the regular user up at night. ProtonVPN is not aimed at the regular user, so they offer a fix.
Our ProtonVPN review team thought of an imaginary scenario where you want to use a VPN server in the UK, and that particular server is compromised. Well, with Secure Core turned on, the traffic will pass through one of ProtonVPN’s Secure Core servers in Switzerland, Iceland, or Sweden, so it will arrive at the UK server already encrypted (and thus useless).
What if one of these Secure Core servers gets compromised? To solve this potential issue, only ProtonVPN’s own servers are used – only their staff has access to the servers and they are located in physically secure locations. The Switzerland and Sweden data centers are located underground, whereas the Iceland data center is on a former military base. As a side note, if that doesn’t get your inner child going, nothing will!
Currently, the list of countries whose servers support double-hopping through ProtonVPN’s Secure Core includes 29 countries:
- Hong Kong
- South Africa
- South Korea
- United Kingdom
- United States
ProtonVPN also offers something called Tor over VPN, combining the security provided by one and the other. The Tor network is a free browser and network, widely used for anonymity around the world. Using Tor makes your road to the host server more complex. Instead of going directly, the request is encrypted and sent through a series of relays. Each relay has the key to remove a layer of encryption (or to add a layer of encryption), but none have the means to fully encrypt or decrypt the message. The traffic then comes back along the same route, but in reverse order – adding levels of encryption until the fully encrypted data comes back to the user. Tor is a powerful but imperfect tool that needs improvement. That’s what the combination of Tor and VPN does – using both makes the job of the snooper a lot more difficult!
To conclude the security part of ProtonVPN review, it has an effective kill switch. If your VPN connection drops for some reason – the program will stop all traffic and prevent your IP from leaking.
ProtonVPN is not the only provider based in Switzerland (e.g. VyprVPN is also registered there). The reason is simple – Switzerland has no data retention laws and is not part of the 5 eyes/14 eyes country groups. This latter fact means they’re not part of the extensive intelligence-sharing framework many Western countries belong to.
This is very satisfactory and stands in line with ProtonVPN’s declared stance on security/privacy.
Speed & performance
It can’t all be perfect – ProtonVPN’s speed and performance certainly aren’t. Some VPN service providers are able to reconcile security and speed, but that doesn’t make it easy. For example, NordVPN has very comparable security credentials to ProtonVPN and decent speeds. How? By having 5,000+ servers – that’s how! Meanwhile, the server base of ProtonVPN has expanded and now contains 347 servers in 31 countries, which is better and has helped the VPN, but the speeds are still decidedly average. We ran some speed tests for this ProtonVPN review, using 3 different locations, and here’s what the results were.
Some context is needed here. The speed tests were performed very close to peak activity hours in Europe. At the same time, for comparison, we also ran tests using a few other well-known VPN services – TorGuard and NordVPN. In short, ProtonVPN’s French result is almost half of what NordVPN and TorGuard demonstrated. With the more remote destinations, differences were less pronounced, but still firmly in favor of the top VPN services.
The above results mark an improvement. Whereas a few months ago ProtonVPN was just slow, it is now quite average and unremarkable. This is a good trajectory and gives us hope for the future – Proton is already close to the mark.
Keep in mind that we’ve been testing the connection using one of the premium plans. ProtonVPN Free and Basic versions are quite a bit slower. In the end, perhaps this point is moot because buying ProtonVPN for the speed is not a great idea, to begin with…
How to install it
Very simple if you’re a Windows, Mac, iOS, or Android user. Here’s what you do:
- Go to ProtonVPN’s website and click “Secure your internet”.
- Select a pricing plan (Free, Basic, Plus, or Visionary).
- Select whether you’d like to pay monthly or annually.
- Create an account or use your ProtonMail account. You can use any email address, making this an anonymous process.
- Select a payment method and make the payment. Unfortunately, there‘s no crypto option available here.
- Choose your device: Windows, Mac, Android, iOS, or something else.
- Download and run the installer.
- The installation itself is very simple. All you‘ll have to do is choose an installation directory and click next a few times (for Windows, but other apps are similarly easy to install).
How to use ProtonVPN
So, you’ve installed ProtonVPN and now you’d like to get all that security and privacy going. We’ll have a look at the Windows version of the app to see how it works. Run the client!
The first thing to do when you turn ProtonVPN on is to log in. You will have received the credentials via email – just enter them and you’re good to go. You will find this an easy app to navigate – it has a huge map and is not cluttered at all. Every option has useful explanations. We also think it looks very nice, but then again, perhaps that’s just our affinity for sci-fi talking!
On the primary screen, you’ll see a map, which you can zoom into and out of using the bar at the top right. Hovering on the little triangles will reveal what country the VPN server is based in. If you then hover over the country name, it will change into a “connect” button – a quick way to connect to a specific location. When you’re connected, the bottom part of the interface will show the duration of your session and a graph of your download/upload stats – volume and speed.
This screen gives you other connection options as well. On the top left you should notice a “Quick connect” button, which will connect you to a server nearest to your location. Below there is a “Search” tab and a list of countries with ProtonVPN servers. Each country can be expanded to reveal the list of servers. You can connect to a country or specific server by hovering over the menu item and clicking “Connect.” All very self-explanatory except the little icons to the right of the country/server. The little onion icon means it’s a Tor over VPN server – if you connect there your traffic will go through the Tor relay network…very slowly! The two opposing arrows mean the server allows P2P traffic (if you want to torrent).
If you turn “Secure Core” on, all your traffic will go through ProtonVPN’s hyper-secure servers in Switzerland, Sweden, or Iceland. This will also considerably slow your connection down.
When writing ProtonVPN review, we have found two more things to discuss here – Profiles and the “hamburger” menu. In “Profiles,” you can set parameters for a quick VPN connection or choose an already-created profile and connect using it. If you click “Create Profile,” ProtonVPN will ask you:
- To choose the server type you want to connect to (Standard, Secure Core, P2P, Tor).
- Create a Profile name
- Pick a color
- Choose the protocol for your OpenVPN connection (UDP or TCP). The basic premise behind this choice is that UDP is faster and less stable, while TCP is slower and more stable.
- Select the country (if you want to connect to a Standard server) and the specific server
The hamburger menu has a number of choices, but we’ll only discuss the “Settings.” Here are your choices:
- Auto Connect. You can enable or disable it and choose how the auto-connect feature behaves – whether it always connects to the Fastest server, Random server, or follows the parameters of one of the Profiles.
- Quick Connect. Choose how the “Quick Connect” button behaves (similarly to Auto Connect).
- Default Protocol. Either UDP or TCP – great choice to have, especially if you don’t have the most stable connection (in which case you might want to try TCP). This can be confusing for anyone who has read about OpenVPN and can’t find it on the list. The security protocol is actually OpenVPN – you’re just choosing the kind of OpenVPN.
- Start Minimized (enable/disable).
- Start with Windows (enable/disable).
- VPN Kill Switch. This is an important feature, which is “Off” by default. We recommend turning it “On.” If your VPN connection drops (which, to ProtonVPN’s credit, doesn’t happen much), the Kill Switch will stop all your network traffic. If it’s disabled, you risk revealing your IP – the exact opposite of what you were trying to achieve with ProtonVPN.
- DNS Leak Protection. There is absolutely no reason why this should be switched off!
- Show notifications (enable/disable).
- Early Access. ProtonVPN will offer you early version updates. Enable at your own risk – early versions can be, and often are, unstable.
When writing this ProtonVPN review we’ve discovered that there isn’t much room to get lost in with it – the tool feels spacious but uncluttered. It’s very functional but obviously lightweight. Don’t expect to be wowed by the number of features!
ProtonVPN to support WireGuard
After Mullvad VPN and IVPN, ProtonVPN also joined the line of providers to support WireGuard, a new open-source VPN protocol. In fact, WireGuard is more than just a new protocol – it’s supposed to be the future of online security.
This next-generation secure network tunneling solution was registered by Jason A. Donenfeld (Edge Security). Although WireGuard is nowhere close to completion, it has already attracted attention from the VPN industry competitors. As a matter of fact, this new protocol is still under development and testing.
ProtonVPN doesn’t yet offer WireGuard as a protocol option; however, this provider supports the development of this new tunneling protocol.
What makes WireGuard so special? For starters, the developers have reduced its code to a few thousand lines. This makes it much simpler and easier to deploy and audit. Thanks to the clearer and shorter coding, both security and performance have increased. No wonder why our ProtonVPN review team has also found that WireGuard could become the fastest and most secure protocol in the near future.
When can you try it with your ProtonVPN app? Well, Proton has already set up its WireGuard servers for internal testing. But the public deployment may take some more time. We can promise that once the WireGuard protocol is available for ProtonVPN, we’ll update our review to let you know.
Apps & extensions
This is where it becomes plainly obvious that ProtonVPN is a work in progress. Since very recently, custom apps exist for Windows, Mac, iOS, and Android. And, it also has a free version. You can still use ProtonVPN with routers, and Linux in a roundabout way (by running it through standalone VPN protocol apps).
November 2018 is an important milestone in the Proton history book. First of all, their number of users reached 1 million. But more importantly, the long-awaited ProtonVPN for iOS app finally saw the light of day. Our iOS client tests show improved speeds, a tasteful and intuitive interface, and an impressive online privacy level.
The ProtonVPN iOS client has all the great security features that the Windows app boasts. Well, depending on your subscription level, of course. The Settings section may be a bit underwhelming with only a single option to toggle: the Always-on VPN.
This security feature is essentially Proton’s way to mitigate personal data leaks instead of a kill switch. The Always-on VPN is turned on automatically for the iOS and Mac OS clients. In the Android app, you have to do it manually. This important feature makes sure that in case of a connection drop, your secure VPN connection is reestablished ASAP.
ProtonVPN on Mac is largely identical to the Windows version – the interface looks the same, and the functions are no different either. Android is slightly different and has less to offer. For instance, it doesn’t have a traditional kill switch and the VPN app uses IKEv2 instead of OpenVPN. These two points require additional comment from our ProtonVPN review team:
- If you want to have a kill switch on your Android device (which you do), you can use an external native Android feature to perform the same function. Android 7+ has something called Always-on VPN and you can use it to prevent connections that go outside the VPN tunnel. For Android 8+, this feature is extended with the Block connections without VPN option.
- Security-wise, IKEv2 is just as good as OpenVPN. You might even consider it superior to mobile devices due to the protection it gives from leaks at the point where your connection goes from Wi-Fi to Mobile Data. With that said, IKEv2 might not work in every situation
- If you want to use OpenVPN on your Android device, you can – just download the OpenVPN app and run ProtonVPN through it.
In general, ProtonVPN is quite mobile-friendly and should leave most users happy.
ProtonVPN for Netflix
It’s been a while since Netflix declared a war on VPN services. Since then, many have fallen to the server bans, one by one. So, what are we bored people to do? Might ProtonVPN save us?
The answer is a careful ‘yes’. We were able to stream some Netflix US content, but it was not very easy to do. There’s a trend here that users should be aware of: we were able to access content rather easily using Plus servers. Basic? Not so much. On Plus servers, the speed was decent – enough for HD, but not enough for Ultra HD (perhaps if we had tried in the evening, we would’ve been luckier). We gave the non-Plus servers a fair shot as well and, having run through 10 or so, were unable to get into our Netflix binge. So, even if there’s a ProtonVPN Basic server somewhere that hasn’t yet been blocked by Netflix, we would urge you to find a more reliable VPN option. Needless to say, the Free version will not get you within miles of that delicious high-def content.
ProtonVPN for torrenting
Torrenting makes up for a huge portion of the VPN user base. We guess people don’t enjoy paying enormous fines for copyright violations. Who could’ve known!
When writing this ProtonVPN review, we’ve discovered that it is good for torrenting if you’re in the right location and pretty bad elsewhere. The awesome security credentials make ProtonVPN a natural choice for torrent users. Unfortunately, P2P traffic is not allowed on every server – only servers in the Netherlands, Singapore, and Sweden. That should be sufficient if you’re based in Europe or the Far East. In the US? Not so much. The speeds will suck!
ProtonVPN for China
This VPN would be a good choice for Chinese users due to the level of security it provides. Unfortunately, it does not work or at least not reliably.
The basic issue is this: China is using something called Deep Packet Inspection (DPI) to block encrypted OpenVPN traffic. DPI is a way of analyzing meta-data to distinguish VPN traffic. Once the ISP can tell the VPN traffic from the non-VPN traffic, it can impose blocks on it. VPN providers have been employing three methods to solve this issue:
- Obfuscated servers. VPNs like ExpressVPN and NordVPN have these stealth servers that China has been unable to block.
- Anti DPI protocols. VyprVPN and HideMe offer security protocols created with the express purpose of fooling DPI
- L2TP. VPN services such as PIA (read our PIA Review) have instructed their users to use the less-safe L2TP protocol. This works but is not a long-term solution.
Our ProtonVPN review has found that this VPN has none of these weapons in the arsenal and is therefore not the best choice for users in China. This may or may not be the case in other restricted countries (Russia, Iran, Turkey, UAE, etc.) – get a free trial to find out!
The stuff on ProtonVPN’s site is good. Although the self-help material is not abundant, it’s well-written and covers most basic topics. If you have a question not covered by any of the articles on the site – fill out a support ticket and you’ll eventually receive an informative answer. Only it might not come quickly as ProtonVPN Free brings lots of inquiries!
ProtonVPN also has their own subreddit on Reddit.com, which is a transparent and efficient way of dealing with various questions.
Of course, it was only a matter of time until these support options would no longer be enough and ProtonVPN would introduce the live chat option. And here we are, live chat support is now active. It isn’t available 24/7, but we’re very happy to see progress in this area!
Let’s dive into the rather complicated set of pricing plans. There are 4 of them. In order of price – ProtonVPN Free, Basic, Plus, Visionary. Our guys from the ProtonVPN review team discuss them in reverse order because then we can start with the full set of features and go back into the limited Free version. By the way, you can pay for any of these plans in BitCoin, thus preserving your complete anonymity.
- Visionary: $30 a month or $288 billed annually
Includes all the features we’ve discussed in this article, allows an impressive 10 simultaneous connections and includes the Visionary subscription of ProtonMail (on its own $30 a month or $288 billed annually).
If you just need the VPN, that’s an outrageous price. Otherwise – a good deal!
- Plus: $10 a month or $96 billed annually
All features except ProtonMail Visionary, 5 simultaneous connections.
This is probably what most paying users will have their eyes on. It’s decently-priced and a good choice for the security-minded.
- Basic: $5 a month or $48 billed annually
No ProtonMail Visionary, no Tor Servers, no Secure Core, no “Plus Servers” (premium, faster servers). 2 connections simultaneously.
ProtonVPN Free version
Our ProtonVPN review team has made our stance on free VPN services very public. They’re either getting money from you in less transparent ways, or they’re so restricted as to be borderline useless.
Most of the VPNs in the second category are similar to ProtonVPN – they have both a free version and a paid version. The free version usually limits your bandwidth or how much data you can transfer a month; some will limit the number of server switches you can make and so forth. These restrictions are very crippling. In contrast, our ProtonVPN review team has found that Free version is not so bad!
The free version of ProtonVPN won’t give you ProtonMail, Tor servers, Secure Core, or Plus Servers. It will also limit you to 1 connection at a time and 3 countries to connect to. These locations are the US, the Netherlands, and Japan.
BUT, it will not limit your bandwidth, how much you can download, or how many times you can switch servers. That’s the best free VPN deal we’ve seen so far.
ProtonVPN 7-day free trial
In addition to the completely free and limited ProtonVPN version, now you can use the Plus service for 7 days for free. It’s very simple to get this option. Our ProtonVPN review team has found that all you need to do is create a new free account, download and install the app, and log in with your free account details.
After you connect to a server for the first time, a pop-up is displayed:
This is to signal the start of your 7-day free trial with the ProtonVPN Plus plan. You don’t need to do anything else – just enjoy the unleashed power and variety of your upgraded version.
At the top of the left panel, you’ll see how much time you have left from your 7-day free trial. Once it expires, you’ll be simply downgraded to the basic free plan. If you choose to order the Plus plan, you can always press the Upgrade button and take care of the purchase.
Bottom line of our ProtonVPN review
To end our ProtonVPN review, we can say that this is an extremely ambitious project. The guys at CERN are trying to create one of the most secure VPN services and one that has a free version. We’ve seen successes and we’ve seen points where improvements will be necessary. ProtonVPN is already the best choice for those who want a free VPN. It’s also a good selection for very specific situations (e.g. if you’re based in Europe and need to feel extremely safe online). For the rest of us – let’s grab some popcorn and watch this one unfold!
How about learning from other VPN users?
Do you have any related questions? Have you ever tried to use Proton VPN or any other VPN apps before? Maybe you have written your own Proton VPN review? What are your impressions?
Remember, sharing is caring!
Please feel free to leave your comment below.