The impact ProtonMail had on the privacy email industry when it opened its doors in 2014 is hard to overstate. Developed by a team of research students from MIT and Harvard, and headed by Harvard PhD candidate and CERN researcher Andy Yen, ProtonMail showed that it is possible to combine a high level of privacy and security with a webmail service that is as convenient and easy to use as Gmail.
Swiss-based Proton Technologies AG has now also introduced a Virtual Private Network (VPN) service. Given the deservedly good reputation of ProtonMail, it is not surprising that expectations for ProtonVPN are very high. Read on to find out if ProtonVPN lives up to these expectations!
ProtonVPN’s Pricing and Plans
ProtonVPN offers four separate plans. Prices start at free, going up to $30 per month if paid monthly. Paying annually nets you a 20% discount. Existing ProtonMail users with paid-for accounts can claim a 20% discount (which is cumulative with the annual discount).
For most people who are willing to pay for a VPN, the sweet spot is likely to be the Plus plan. This provides access to all ProtonVPN servers at the highest speeds available. It also provides access to all ProtonVPN’s advanced features.
Even for ProtonMail users, the Visionary plan only really makes sense for businesses or individuals who wish to support the Proton project above and beyond the call of duty.
This ProtonVPN review will, therefore, concentrate on the Plus plan, although I have run some speed tests using the Free plan. Free users can access servers located in Japan, the Netherlands, and the United States.
ProtonVPN offers an extremely generous, 60-day money-back guarantee. You can, of course, use the free service for as long as you like before upgrading. Although not advertised on the website, when I downloaded the Windows software on the Free plan, I was granted a seven-day free trial of the Plus plan.
Note that this free trial only applies if you’re using the custom client. It’s not possible to download the Plus plan OpenVPN server configuration files during the trial period. This means that, at present, only Windows users can take advantage of this offer.
Payment can be made via credit/debit card or PayPal. ProtonVPN uses a third-party payment processor for these, so it doesn’t keep any payment information itself.
It’s also possible to pay using Bitcoin. As a Free user, simply “donate” Bitcoin to Proton Technologies, and the donations will be credited to your account. They can be used to purchase ProtonVPN and ProtonMail account upgrades. Although not well advertised, Proton has stated that it also accepts payment in cash or via direct bank transfer if you contact support.
Accepting anonymous payment in cash or properly mixed Bitcoin is great, but please do remember that ProtonVPN will always know your real IP address regardless of how anonymously you pay.
Below are the key features of the ProtonVPN Plus plan. The features vary by plan, however. See the pricing table above for more details.
- Minimal logs
- Five simultaneous connections
- Servers in 14 countries
- Secure Core server network
- Tor through VPN
- Peer-to-peer (P2P) torrenting permitted on selected servers
- Domain Name System (DNS) leak protection
- Kill switch (mobile apps also)
- Transparency report and warrant canary
Server locations are primarily in Europe and North America, but there are also servers in East Asia and Australia.
Secure Core is a feature that aims to protect users against traffic correlation attacks. Although ProtonVPN claims this feature as “unique,” it is similar in principle to the “double-hop” VPN setup offered by the likes of NordVPN, or even to Tor.
A traffic correlation attack is performed by monitoring internet traffic as it enters and exits a VPN server. If a user always connects to a VPN server at the same time as a user of that VPN service visits a monitored website, then it is fairly easy to identify that individual as a visitor to that website.
It is worth pointing out to the more paranoid out there that such attacks are highly targeted. Someone powerful has to be looking very carefully for you specifically.
Secure Core helps protect against this by first routing your VPN connection through a Secure Core server. This makes it all but impossible to perform traffic analysis on the second (exit) server.
In theory, traffic analysis could still be performed on the initial Secure Core server. However, ProtonVPN has taken steps to make this very difficult. For a start, the Secure Core servers are located only in countries with very strong privacy laws.
They are also owned and operated exclusively by ProtonVPN, and protected by a very high standard of physical security. “Finally, Secure Core servers are connected to the internet using our own dedicated network with IP addresses that are owned and operated by our own Local Internet Registry (LIR).”
As ProtonVPN itself points out, “there is no such thing as 100% security.” However, this does indeed sound like a very secure setup!
Tor Through VPN
This feature allows you to use ProtonVPN with the Tor network in Tor through VPN configuration. Most usefully, it allows you to connect to Tor Hidden services dark web sites using your regular browser.
It also means that your entire internet connection benefits from Tor through VPN. As I discuss in Using VPN and Tor Together, however, this is not a secure setup. If you want to do Tor through VPN, it is much safer to simply use the Tor browser while connected to your VPN service.
ProtonVPN does run its own Tor servers, so malicious Tor exit nodes shouldn’t be an issue. However, the Tor Browser is hardened in ways that your regular browser isn’t. It will also reset your Tor routing every ten minutes by default, while ProtonVPN’s setup requires a static route that is inherently easier to trace.
Interestingly, although advertised on the website and offered as an option in the software, there is no documentation on this feature available anywhere on the ProtonVPN website.
Privacy and Logging Policy
“Data we retain from ProtonVPN sessions: Each time a user connects to ProtonVPN, we only store a timestamp of the last successful login attempt. While it is stored indefinitely, this gets overwritten each time you log in… We retain this limited information to know how many devices are being connected and ensure users do not make an excessive number of connections.”
I think it fair to infer that this timestamp is associated with an IP address. The fact that such logs are overwritten on each login, however, would make using this information to perform a traffic correlation attack very difficult.
ProtonVPN is based in Switzerland. On the one hand, this is a country that has famously strong privacy laws, is not subject to EU legislation, and is not a member of the Five Eyes (or even Fourteen Eyes) US-led spying alliance.
On the other hand, Switzerland has passed some alarming new surveillance laws. These require Internet Service Providers (ISPs) and telecoms operators to store detailed metadata connection logs for 12 months. What isn’t clear (because the wording of the laws themselves isn’t clear) is whether these logging requirements apply to email and VPN services.
A statement by Proton, updated in 2017, says:
“We appreciate that the Swiss government has recognized the leading role that Proton Technologies AG plays in developing the cybersecurity tools of the future, along with the role that we play in the economic re-orientation of Geneva, and Switzerland as a whole towards the high tech sector, and sought a meeting with us to discuss how to ensure both security and privacy in the digital age.
“As a participant in these discussions, we can confirm unequivocally that upon implementation, the provisions regarding data retention introduced by the BÜPF will exempt companies like ProtonMail and ProtonVPN which are not major telecommunications operators.”
This sounds great, and may well indeed be the case. However, it does mean taking Proton’s word on a promise made to it behind closed doors. Whatever the practical implementation of the new laws will be, the letter of the law remains worryingly vague.
ProtonVPN publishes a transparency report and operates a warrant canary. A transparency report is nice, but still requires trust in Proton to report all incidents. I am also a little skeptical about the real value of warrant canaries, but I understand that many people find them reassuring.
According to ProtonMail’s similar transparency report, Proton has complied with a couple of requests for data that weren’t backed up with a valid court order. In both cases, the circumstances appear to justify such a decision. It seems that ProtonMail was able to supply very little information anyway.
Nit-picking aside, at the end of the day, using any VPN requires that you trust your VPN provider. ProtonMail has established a formidable reputation in this regard, so there is every reason to believe that ProtonVPN is sincere in its privacy claims.
Is ProtonVPN Secure?
ProtonVPN offers only one VPN protocol – OpenVPN. Although this does mean that users of more obscure or legacy hardware may not be able to use the service, it is a commendable decision. Properly implemented OpenVPN is the only VPN protocol that is believed to be 100% secure.
For the OpenVPN data channel, ProtonVPN uses an AES-256-CBC cipher with HMAC SHA-512 hash authentication.
For the control channel, ProtonVPN supports a number of cipher suites, the weakest of which is an AES-256 cipher with RSA-2048 handshake encryption and HMAC SHA-1 hash authentication. Perfect forward secrecy is provided by a Diffie-Hellman key exchange.
This is a secure setup and, as I say, stronger control channel cipher suites are also supported.
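As an added illustration (not ProtonVPN’s own code or configuration), the following Python checks a downloaded OpenVPN client profile against the data channel settings described above (AES-256-CBC with HMAC SHA-512) and flags any control channel suite that still uses a SHA-1 MAC. The sample profile, server name and suite list are constructed for the example.

```python
# Added example, not ProtonVPN's code: audit an OpenVPN profile for the
# data channel settings named in the review and for SHA-1 control suites.
EXPECTED_CIPHER = "AES-256-CBC"   # data channel cipher stated in the review
EXPECTED_AUTH = "SHA512"          # data channel HMAC stated in the review

# Constructed sample profile; host name and suite list are illustrative only.
SAMPLE_PROFILE = """\
client
remote vpn.example.invalid 1194
cipher AES-256-CBC
auth SHA512
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA
<ca>
(placeholder certificate, not parsed)
</ca>
"""

def parse_directives(profile: str) -> dict:
    """Map each directive to its argument list; skip comments and inline <ca>-style blocks."""
    directives, in_block = {}, False
    for raw in profile.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", ";")):
            continue
        if line.startswith("</"):
            in_block = False
        elif line.startswith("<"):
            in_block = True
        elif not in_block:
            name, *args = line.split()
            directives[name] = args
    return directives

def weak_tls_suites(suites: list) -> list:
    """mbedTLS-style suite names ending in '-SHA' use a SHA-1 MAC; SHA-2 ones end in -SHA256/-SHA384."""
    return [s for s in suites if s.endswith("-SHA")]

def audit(profile: str) -> list:
    """Return findings; an empty list means the profile matches the expected settings."""
    d = parse_directives(profile)
    findings = []
    cipher = d.get("cipher", ["(missing)"])[0]
    if cipher != EXPECTED_CIPHER:
        findings.append(f"data channel cipher is {cipher}, expected {EXPECTED_CIPHER}")
    auth = d.get("auth", ["(missing)"])[0]
    if auth != EXPECTED_AUTH:
        findings.append(f"data channel HMAC is {auth}, expected {EXPECTED_AUTH}")
    for suite in weak_tls_suites(d.get("tls-cipher", [""])[0].split(":")):
        findings.append(f"control channel allows SHA-1 suite {suite}")
    return findings
```

Run `audit()` over a real downloaded profile to see which of the server-offered control channel suites the client would still accept.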
Want to know more? Please check out my VPN Encryption Guide.
Unsurprisingly, the ProtonVPN website uses the same website template as the ProtonMail website. It has a professional aesthetic and is, in general, good at providing the kind of information most people need in a well explained and easy to access format.
A blog page mainly serves to publish press releases and other news related to ProtonVPN.
The first line of support is a well-presented FAQ. This is not extensive but does appear to address many common questions and issues that people may have.
If the FAQ doesn’t answer your questions, you can email the support team. A response to my easy question took about four hours. My difficult question was answered the next day. Although the response to my difficult question was vague, it did link to a webpage that by-and-large provided the answer I needed.
To sign up for a free account, you need to provide a username and valid email address. There’s nothing to stop you using a disposable email address for this, but all free accounts must be verified. To verify an account, you can either accept an SMS message or make a donation.
SMS verification does, of course, require that you give Proton your phone number. However, “We do not permanently save your email or phone number, it is deleted after verification.”
If you prefer to sign up anonymously, subscriptions and donations can be paid using Bitcoin.
If you already have a ProtonMail account, you can instead join ProtonVPN using your ProtonMail credentials.
Once you’ve signed up, you can sign in to your account and download the software or configuration files.
ProtonVPN for Windows
The Windows client looks very professional. The main page features a funky map, but more usefully also lists all available servers. Each server shows load percentage, which can be handy for picking a fast server.
Alternatively, click Quick Connect to let the software choose the fastest server for you. You can also click on a country to let the software auto-select a server at that location.
Servers that support Secure Core, Tor, and different pricing plans are clearly labelled. When you’re connected, a nice graph displays your connection speeds and bandwidth usage.
The client supports DNS leak protection and a VPN kill switch. The kill switch is firewall-based. This is the best kind of kill switch because it makes it impossible for your PC to connect to the internet outside the VPN connection. Please see A Complete Guide to IP Leaks for more details. It is also possible to choose between the OpenVPN UDP and TCP protocols, although port selection is not available.
Overall, I would say that this is a very smart-looking piece of software that includes all the most important things I want from a VPN client.
ProtonVPN Performance (Speed, IPv4, DNS, and WebRTC tests)
All tests were performed on my Virgin Media UK fiber connection, using the OpenVPN User Datagram Protocol (UDP).
The graphs show the highest, lowest, and average speeds for each server and location. See our full speed test explanation for more details, but note that I have switched to Speedtest.net Beta (HTML5) as it currently produces more consistent results than testmy.net.
I have also added average ping results (latency) in brackets, as this best reflects real-world page load times, and thus perceived speed.
Results to a nearby server are superb, although transatlantic speeds are a little underwhelming. It is interesting to note that using the double-hop Secure Core feature has only a very modest impact on speed performance. With such a small speed penalty, there is little reason not to use it!
I was also impressed by speeds to the nearest Free plan VPN server to me. Although advertised as “slow,” these outstrip the speeds offered by many paid-for VPN services.
The Windows client has DNS leak protection, and indeed I detected no IP leaks. I also detected no IP leaks when using OpenVPN GUI 4.3.2.
I found ProtonVPN was blocked by US Netflix. The ProtonVPN FAQ states that BBC iPlayer is available using the service, but I found it blocked.
At present, custom software is only available for Windows. Manual setup guides are available for Windows (OpenVPN GUI), Mac (Tunnelblick), Linux, iOS (OpenVPN Connect), and Android (OpenVPN for Android and OpenVPN Connect). Custom DD-WRT router OpenVPN files are also supplied.
It should also be noted that the supplied OpenVPN config files should be usable on most platforms that support an OpenVPN client.
ProtonVPN Review: Conclusion
- Five simultaneous connections
- Speeds within Europe are blazing fast
- Secure Core (double VPN) network is fast and… secure!
- P2P torrenting permitted on selected servers
- DNS leak protection and kill switch
- Great Windows client
- Accepts payment in Bitcoin and cash
- Fantastic free service
I wasn’t so sure about:
- Swiss data retention laws
- Some (minimal) logs
- Tor through VPN
- Expect to wait a day for support
- Transatlantic speeds a bit meh
- Netflix and BBC iPlayer blocked
After ProtonMail, pretty much everyone was expecting something special with ProtonVPN. By-and-large, Proton has delivered. ProtonVPN is a very polished VPN service that is secure and very fast when connected to a nearby server.
The Secure Core network is not quite as innovative as ProtonVPN would have us believe, but is nevertheless very well executed. I am impressed by how little impact jumping through an extra VPN server has on speed performance.
I would prefer to see no logging whatsoever, although the fact that the logs that are kept are overwritten on each new connection does help to minimize the privacy risk they present.
At present, ProtonVPN doesn’t offer any obfuscation technology to evade VPN blocks. However, it should be remembered that it is a brand new service. Developed by the same team that made ProtonMail the success that it is, we can expect to see additional features rolled out as time goes on.
ProtonVPN is an excellent and highly competitive premium VPN service, but the icing on the cake is its Free plan. You are limited to just three server locations, but with no data limits and speed results that are better than most paid-for services, ProtonMail Free truly is an exception to the golden rule that all free VPNs are basically rubbish.