ProtonVPN is a Swiss-based no-logs VPN service by Proton Technologies AG, the company behind the innovative and highly respected privacy email service ProtonMail. Proton is headed by Harvard PhD candidate and CERN researcher Andy Yen, so it is no surprise that ProtonVPN is a very carefully thought-out product.
- Server Locations: 16
- Average Speed: 20.4 Mbit/s
- Simultaneous Connections: 5
- Jurisdiction: Switzerland
- Five simultaneous connections
- DNS leak protection and kill switch
- Accepts payment in Bitcoin and cash
- Secure Core (double VPN) network is fast and… secure!
- No logs
- WebRTC IPv6 leaks in Windows and Android
- Netflix and BBC iPlayer blocked
Swiss-based Proton Technologies AG has now also introduced a Virtual Private Network (VPN) service. Given the deservedly good reputation of ProtonMail, it is not surprising that expectations for ProtonVPN are very high. Read on to find out if ProtonVPN lives up to these expectations!
ProtonVPN offers four distinct plans, each of which offers a 20 percent discount if you purchase an annual subscription (except for the Free VPN plan, of course).
ProtonVPN won our Best Free VPN 2019 Award for good reason. Unlike most other “free” VPNs, it provides a largely unlimited service which is so good that many users may feel no need to upgrade to a more premium plan.
The primary limitation is access to only seven VPN servers located in Japan, the Netherlands, and the United States.
There are no bandwidth or speed limits, although the inevitable increased load on the free servers means that speeds are not as good as when using ProtonVPN’s premium servers (at least in theory – in practice we found free servers to be almost as fast as the premium ones!).
Free users cannot P2P download using this VPN, and are not able to unblock streaming services such as Netflix. Only one simultaneous connection is allowed, but there is nothing to prevent you from signing up to multiple free accounts.
In the past, it was necessary to verify free accounts with an SMS message sent to your phone, so we are pleased to note that it is now possible to verify accounts using just an email address. And a disposable email address works just fine for this.
The main limitations for most users with this plan are only two simultaneous connections and no access to ProtonVPN’s special streaming servers. You otherwise get access to all of ProtonVPN’s high-speed standard server network, including servers where P2P torrenting is allowed.
This is the main plan with 5 simultaneous connections and access to all of ProtonVPN’s features.
This is the Plus plan with a subscription to the ProtonMail Visionary Plan and an additional five simultaneous connections thrown in. It has to be said that the Visionary Plan does not make strong economic sense for most users when you look at the regular pricing for ProtonMail, so is probably only likely to appeal to businesses and those who wish to support Proton above and beyond the call of duty.
If you sign up for the Free Plan then you are automatically offered a 7-day 100% free trial of the Plus plan.
ProtonVPN accepts payment via card or PayPal. It is also possible to pay via Bitcoin once you have an account. Not so well advertised is the ability to pay in cash or via direct bank transfer if you contact support.
ProtonVPN offers various plans with higher-priced plans providing access to a greater number of features, as shown below:
This is a review of ProtonVPN’s “Plus” plan. This provides full access to all of ProtonVPN’s mainstream features:
- No logs (see the Privacy and Security section below for full details)
- 5 simultaneous connections
- P2P torrenting allowed on selected servers (including US servers)
- Full access to all 350+ servers in 31 countries
- Full access to Secure Core and onion servers
- Tor through VPN
- Transparency report and warrant canary
All servers used by ProtonVPN are bare metal single-tenancy physical servers.
Secure Core is a “double-VPN” feature aimed at protecting users from time correlation attacks, which basically just means monitoring connections as they enter and leave a server in order to correlate them with behavior of interest on the internet.
Such attacks are not easy to pull off anyway, but routing connections through two servers located in different jurisdictions makes an already hard job even harder.
It is still possible to perform traffic analysis on the initial Secure Core server, but ProtonVPN has mitigated this by locating these only in countries with very strong privacy laws and by protecting them with a very high standard of physical security.
Furthermore, “Secure Core servers are connected to the internet using our own dedicated network with IP addresses that are owned and operated by our own Local Internet Registry (LIR).”
Secure Core is undoubtedly unnecessary overkill for the vast majority of VPN users but does provide meaningful extra privacy for those concerned about targeted surveillance from state-level actors.
The mark of a good privacy VPN service is privacy by design, and Secure Core shows that a lot of thought has been put into designing ProtonVPN.
Tor over VPN
ProtonVPN allows you to transparently connect to Tor (onion) servers through the VPN. In this configuration, you connect first to a VPN server, and then to the Tor network before accessing the internet.
This makes connecting to the Tor network very easy and means you do not need to install Tor Browser. It prevents your ISP from knowing that you are using Tor, hides your real IP address from the Tor entry node, and allows you to access Tor Hidden services (.onion dark web sites).
It should be noted, though, that a similar effect can be achieved by using Tor Browser when connected to any VPN service. Indeed, this configuration is more secure than the Tor over VPN setup offered by ProtonVPN.
Speed and Performance
At the time of writing this review we only have a few days’ worth of speed test results available, so we will need to update this section once we have collected more data.
What we do have shows average speeds of 15.2 Mbits/s and max speeds of 73.9 Mbits/s, which are perfectly acceptable, but nowhere near as good as the fastest services out there. That said, as our more informal tests below show, real-world performance is strong.
An average DNS lookup time of 0.94 seconds is somewhat on the slow side, while a 4.1 second connection time is about average.
It’s not nearly as scientific as our full speed tests, but we also wanted to get a rough idea about how using the free service and Secure Core affects internet performance. Tests were performed from the UK.
As we can see, the difference between using a free and non-free server in the Netherlands is negligible. Given that our data was being routed to Belgium via Iceland, we are also very impressed at how fast Secure Core is.
We detected no IP leaks of any kind in Windows and macOS, including WebRTC and IPv6 leaks. We cannot currently test IPv6 on mobile devices but detected no IPv4 WebRTC leaks in Android or iOS.
Ease of Use
Custom VPN apps are available for Windows, macOS, Android, and iOS. A command line Linux script is also available for auto-configuring and controlling OpenVPN (which must be installed separately, along with various other packages). A manual IKEv2 setup guide is also available for Linux.
The ProtonVPN Windows Client
The Windows client is smart looking and provides a ton of useful information. The cool looking server map is mainly for show, but once connected, the app shows useful session traffic statistics. The Windows app uses the OpenVPN protocol (UDP or TCP).
Selecting a country will auto-connect you to a server in that country – you can specify by speed or randomly. Alternatively, you can select individual servers. These are all clearly labeled as to whether they are available to free users, can be used for P2P, or support Tor over VPN. They also show server load to help you pick a fast server.
The kill switch is firewall-based, but does not use the Windows system firewall. This means if the OpenVPN daemon suffers a crash then your real IP will be exposed. The kill switch otherwise works well. DNS leak protection is enabled by default, and as we have seen, it works well.
Unique to the Windows app is split tunneling. This allows you to decide which apps do or don’t use the VPN, and to exclude or include specified IPs. It is worth noting that split tunneling does not work with sites or services that resolve to multiple domains, which includes Netflix, Amazon, BBC iPlayer, and many other popular streaming services. This is a shame, but is an inherent limitation of the technology.
The macOS, iOS, and Android apps use the IKEv2 VPN protocol. None of them feature a kill switch, although they all feature “Always-on VPN” which re-establishes a dropped VPN connection quickly and automatically.
A leak is still possible while this happens, although Android 7.0+ users can also manually enable “Block connections without VPN” in their system settings to create a proper kill switch.
Other than a FAQ-style support page, which is not extensive but which does seem useful, support is only available via email and can take a day or two to respond (about one day in our experience). We were nevertheless impressed by the quality of the answers when they arrived.
Privacy and Security
ProtonVPN logs a timestamp of the last successful login attempt. This is stored indefinitely but is overwritten each time you log in. By default, IPs are not logged. This logging setup meets our no logs criteria, as it poses minimal threat to users’ privacy.
Switzerland is generally regarded as a good place to base a privacy company thanks to its strict privacy laws and the fact that it is not subject to EU legislation and is not a member of the Five Eyes (or even Fourteen Eyes) US-led spying alliance.
On the other hand, Switzerland has passed some alarming new surveillance laws. These require Internet Service Providers (ISPs) and telecoms operators to store detailed metadata connection logs for 12 months. What isn't clear (because the wording of the laws themselves isn't clear) is whether these logging requirements apply to email and VPN services.
Proton says it has received assurances from both the Swiss government and its own lawyers that the new laws do not apply to VPN or email services based in the country, but on both counts, it has been unable to provide hard evidence of this.
Protocols and Encryption
The Windows client and Linux script use OpenVPN, while the macOS, Android, and iOS apps use IKEv2. OpenVPN is known to be highly secure if properly configured, while IKEv2 is theoretically very secure and is usually faster than OpenVPN. ProtonVPN uses the following OpenVPN settings:
Data channel: an AES-256-CBC cipher with HMAC SHA-512 hash authentication.
Control channel: ProtonVPN supports a number of cipher suites, the weakest of which is an AES-256 cipher with RSA-2048 handshake encryption and HMAC SHA-1 hash authentication. Perfect forward secrecy is provided by a Diffie Hellman key exchange (key length unknown).
Even at its weakest settings, this setup is secure. IKEv2 uses an AES-256 cipher with RSA-2048 handshake encryption, which, again, is secure.
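The settings listed above can be checked against a client configuration file. The following is an added example, not ProtonVPN's own code: it parses an OpenVPN client config and reports where the `cipher`, `auth` and `tls-cipher` directives differ from the values quoted in this review. The sample configs, hostname and function names are constructed for illustration.

```python
import re

# Baseline: the data-channel settings quoted in the review above.
EXPECTED = {"cipher": "AES-256-CBC", "auth": "SHA512"}

def parse_ovpn(text):
    """Map each directive to its last argument list, skipping comments
    and inline <ca>/<cert>/<key> blocks."""
    directives, inline = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if inline:                      # inside an inline block: skip the PEM body
            if line == f"</{inline}>":
                inline = None
            continue
        tag = re.fullmatch(r"<([a-z-]+)>", line)
        if tag:
            inline = tag.group(1)
        elif line and line[0] not in "#;":
            name, *args = line.split()
            directives[name] = args
    return directives

def audit(text):
    """Return (severity, message) findings for one client config."""
    d, findings = parse_ovpn(text), []
    for name, want in EXPECTED.items():
        got = (d.get(name) or ["unset"])[0].upper()
        if got != want:
            findings.append(("fail", f"{name} is {got}, expected {want}"))
    for suite in (d.get("tls-cipher") or [""])[0].split(":"):
        if not suite:
            continue
        if "DHE" not in suite:          # substring covers DHE and ECDHE
            findings.append(("fail", f"{suite}: no ephemeral DH, no forward secrecy"))
        if suite.endswith("-SHA"):      # HMAC SHA-1, the weakest MAC the review lists
            findings.append(("note", f"{suite}: HMAC SHA-1"))
    return findings

# Constructed sample configs (hostname and certificate body are placeholders).
GOOD = """client
remote vpn.example.net 1194
cipher AES-256-CBC
auth SHA512
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
"""
WEAK = """# constructed sample
cipher AES-128-CBC
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA
"""
```
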
As already mentioned, ProtonVPN uses only bare metal servers and none of the software we tested suffered IP leaks of any kind. It is also possible to pay for the service in Bitcoin and even cash.
Obfuscation tech for evading VPN blocks is limited to using OpenVPN TCP (presumably port 443) to disguise VPN traffic as regular HTTPS traffic. This can be quite effective but is defeated using even fairly basic Deep Packet Inspection techniques.
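Why port 443 alone does not make OpenVPN look like HTTPS can be seen from the first bytes each protocol puts on the wire. The following is an added example, not taken from the review or from ProtonVPN: a passive classifier of the kind a network monitor might use, covering only the TLS ClientHello and the OpenVPN V2 client hard-reset packet. The sample byte strings are constructed.

```python
import struct

TLS_HANDSHAKE_RECORD = 0x16     # TLS record type: handshake
TLS_CLIENT_HELLO = 0x01         # handshake message type
OVPN_HARD_RESET_CLIENT_V2 = 7   # OpenVPN opcode P_CONTROL_HARD_RESET_CLIENT_V2
OVPN_MIN_RESET_LEN = 14         # opcode(1) + session id(8) + ack count(1) + packet id(4)

def classify_first_bytes(payload: bytes) -> str:
    """Classify the first client-to-server bytes of a TCP stream on port 443."""
    if len(payload) < 6:
        return "unknown"
    # TLS: record type 0x16, version 0x03 0x0N, 2-byte length, then ClientHello.
    if (payload[0] == TLS_HANDSHAKE_RECORD and payload[1] == 0x03
            and payload[2] <= 0x04 and payload[5] == TLS_CLIENT_HELLO):
        return "tls"
    # OpenVPN over TCP: 2-byte big-endian packet length, then one byte
    # holding the opcode (high 5 bits) and key id (low 3 bits).
    (length,) = struct.unpack_from("!H", payload, 0)
    opcode, key_id = payload[2] >> 3, payload[2] & 0x07
    if (opcode == OVPN_HARD_RESET_CLIENT_V2 and key_id == 0
            and OVPN_MIN_RESET_LEN <= length <= len(payload) - 2):
        return "openvpn-tcp"
    return "unknown"

# Constructed samples: the opening bytes each kind of client would send.
TLS_SAMPLE = bytes.fromhex("16030100c8010000c40303") + bytes(32)
OVPN_SAMPLE = (struct.pack("!H", 14) + bytes([OVPN_HARD_RESET_CLIENT_V2 << 3])
               + bytes(range(8))          # session id (constructed)
               + b"\x00"                  # no acknowledgements yet
               + struct.pack("!I", 0))    # packet id 0
HTTP_SAMPLE = b"GET / HTTP/1.1\r\nHost: example.net\r\n\r\n"

if __name__ == "__main__":
    for name, data in (("tls", TLS_SAMPLE), ("openvpn", OVPN_SAMPLE), ("http", HTTP_SAMPLE)):
        print(name, "->", classify_first_bytes(data))
```
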
The website uses a number of trackers, including Google Analytics (GA). Proton has told us, however, that GA is not used on sensitive pages.
ProtonVPN publishes a transparency report and operates a warrant canary. A transparency report is nice, but still requires trust in Proton to report all incidents. According to ProtonMail’s similar transparency report, Proton has complied with a couple of requests for data that weren't backed up with a valid court order. In both cases, the circumstances appear to justify such a decision. It seems that ProtonMail was able to supply very little information, anyway.
We are somewhat dubious about the real value of warrant canaries, but many people find them reassuring.
It is very hard to find any real fault with ProtonVPN. It is a fast and secure VPN service with lots of servers, some innovative ideas, and great software. It also shows a strong dedication to privacy, as befits the fearsome reputation ProtonMail has built in this regard.
Our only real criticism is that we would like to see proper kill switches in macOS and iOS, although this issue is mitigated to a certain extent by the “Always-on VPN” feature in both apps.