WHAT’S IN THIS REVIEW?
Advertised as ‘The only free VPN with no ads and no speed limits’, does ProtonVPN live up to their promises?
A respected player in the online privacy sector, ProtonVPN does come packaged with a free tier that will be tempting for security-conscious users. As an offshoot of ProtonMail, they’ve made major strides over the past few years, and offer a great service when looking at the strength of their privacy features.
For the purposes of this review, I purchased the ‘Plus’ tier of ProtonVPN, to be able to access streaming sites and the full range of server options.
ProtonVPN punches above its weight in many regards, while it has received funding from large organizations such as the European Commission in recent years. The Swiss VPN has a variety of enhanced security features, although the MacOS app I tested was lacking in terms of protocols.
It scores well in terms of speeds and streaming, while the Free tier is better than many of the worst paid providers on the market. Proton VPN has been independently audited, and it has a capable client app.
What’s not to like? Read on to find out in our extensive ProtonVPN review.
One of the newer providers on the landscape, ProtonVPN was originally released in May 2017.
The VPN is owned by Proton Technologies AG, best known for their ProtonMail end-to-end encrypted email service which was developed by CERN and MIT scientists.
They’re based in Geneva, Switzerland, so they’re able to take advantage of online privacy laws which are some of the strictest in the world, while their email service was successfully crowdfunded in 2014 after reaching 550% of their original goal amount.
As they note; “Transparency, ethics, and security are at the core of the Internet we want to build and the reason why we built ProtonVPN in the first place.”
They’re supported by FONGIT (a non-profit foundation financed by the Swiss Federal Commission for Technology and Innovation), and the European Commission. The latter came in the form of a €2 million grant in 2019, as part of their Horizon 2020 program.
It is extremely easy to find out about ProtonVPN, thanks to a clear ownership structure and a dedication to providing transparency. Their address is clearly listed on their website, while there are no potential jurisdictional issues.
Pros & Cons
Here’s a rundown with the main pros and cons we found while using ProtonVPN, with an emphasis on the former.
ProtonVPN has a strong customer base thanks to its trusted policies and privacy. See what else this VPN service has to offer:
- Capable free tier
- Transparent, accountable business model
- Intuitive desktop app, packed with information and details
- Independently audited
- Multiple security and privacy features
- Based in Switzerland
- Simple money-back guarantee
- Very user-friendly app
- Paid tier includes NetShield for ad blocking and malware protection
While ProtonVPN has a lot to offer, there are a few disadvantages we wish weren’t so:
- Numerous features locked behind an expensive ‘Plus’ plan
- Slower speeds depending on the tier
- No WireGuard support
- Lack of servers in regions like Africa
- No protocol options on MacOS
Before diving in-depth, it’s worth mentioning that ProtonVPN has a typical range of features which enhance security.
For example, they have a Kill Switch, which will block all traffic to and from your IP if you lose connection to their servers unexpectedly. It comes with Tor support built-in, and protects against DNS leaks.
Secure Core architecture gives ProtonVPN the ability to defend against network-based attacks, as they explain;
“Secure Core protects your connection by routing your traffic through multiple servers before leaving our network. This means an advanced adversary who can monitor the network traffic at the exit server will not be able to discover the true IP address of ProtonVPN users, nor match browsing activity to that IP.”
These servers are located in Iceland, Switzerland, and Sweden, and were chosen due to the strong privacy laws in those locations. However, this feature is locked to Basic plan users, who will only have access to ProtonVPN’s normal servers.
Limited to paid users, NetShield works to get rid of ads, trackers, and malware. Essentially, it’s an ad blocker, that offers varying levels of protection depending on what you want. It’s configurable within the settings, although it’s probably no better than software you’ve already downloaded for free.
It works thanks to dedicated DNS servers, which will check a domain against databases to see if it has been flagged for malware, ads, or trackers in the past. If so, it blocks the resource from loading, which should also provide a small boost to speeds.
- Basic – $5 per month
- Plus – $10 per month
- Visionary – $30 per month
ProtonVPN has a tiered service, with four different plans on offer. It makes things slightly difficult at first, but at least there’s a decent amount of choice for the average user.
We’ll begin with the Free tier, which allows for one VPN connection, as well as connecting to servers in three countries. These are found in the US, Japan, and the Netherlands. Speeds were decent, while they’re happy to ensure that no logs are kept, even if they aren’t collecting payment. Above all, it’s one of the better free offerings you’ll find, and it’s a great way to introduce yourself to their service.
Moving onto paid plans; the Basic package allows for two simultaneous connections, as well as faster speeds compared to the free tier. You’ll also get P2P functionality, and access to servers in all 54 countries.
Next, Plus ups the connection speed further, along with allowing for streaming capabilities. This tier allows for five simultaneous connections, gives access to Secure Core servers, and other smaller benefits which are listed below.
The Visionary package costs a massive $30 per month, adding a ProtonMail account along with 10 simultaneous connections, and every Plus plan feature.
Payment can be made via credit card, PayPal or Bitcoin. The latter is an interesting option, allowing users to remain anonymous while making a purchase.
Lastly, their 30-day money-back guarantee will only give a proportional refund, as stated in their terms of service;
“You may cancel your account with a refund for any unused portion of the service period within 30 days of the initial purchase. Here, any unused portion of the service period refers to the prorated remaining full days of the subscription period. Refunds or credits beyond the 30 days window will be considered, but at the sole discretion of the Service.”
ProtonVPN operates with a strict no-logs policy, that has been verified following a review of their source code by SEC Consult. Their findings have been published online, and the Android report can be viewed here. They have additional security assessments which are available for MacOS, Windows, and iOS platforms.
As well as no session usage logs and no metadata, their logging policy states that:
- We don’t log which websites you visit
- We don’t log your traffic or the content of any communications
- We don’t log your IP address
- We don’t log your session lengths
- We don’t log or track any location-based information
They have a transparency report coupled with a warrant canary, although the page hasn’t been updated since May 29, 2020. It says:
“Under Swiss law, ProtonVPN is not obligated to save connection logs, and we adhere to a strict no-logs VPN policy. Therefore, we are unable to comply with requests for user connection logs, even if they are legally binding. Furthermore, under Swiss law, a Warrant Canary is not meaningful, because, under Swiss law, the target of a surveillance or data request must always be eventually notified, so they have the opportunity to contest the data request.”
Overall, it’s a trustworthy package that has been independently verified, and it has been released as open-source software for anyone to take a look at. ProtonVPN deserves credit for their transparency, and their commitment to keeping their users’ data safe.
As we’ve mentioned, ProtonVPN separates the speed of each tier depending on how much the user pays per month. For example, the Free tier offers ‘medium speeds’ (whatever that means), while Basic is ‘high speed’. The Plus version I was using offered the ‘highest’ speeds, so I was expecting good results considering the hefty asking price.
Here are normal connection speeds without a VPN, to give you a better idea of what I’m used to:
ProtonVPN has the option to switch to the fastest server, so I promptly obliged. Typically, London has the closest servers, and the same is true for ProtonVPN. Results are found in the image below.
Despite taking a slight hit, speeds were still above the 215 Mbps range, which is actually reasonably impressive. The upload speed was hardly affected, while ping only went up ever so slightly.
A bigger test would come when connecting to a US server, which will be of interest to anyone hoping to use the service for streaming content.
Download speeds were limited by roughly a third, and the upload speed was almost halved. It’s not insignificant, but nearly 200 Mbps is quick enough for most online tasks, even if it’s not really worthy of being called ‘Premium’.
Even so, ProtonVPN speeds are certainly faster than your average budget provider, and they’re great as long as you’re not being capped due to your tier. They couldn’t match my normal connection, but the results were decent.
Server Locations & Network
ProtonVPN has a total of 1,223 servers found in 54 countries around the world. It’s not a massive amount by any means, and they’re split between the various price plans. Free users get access to three servers, while Basic members get a choice of each country. Plus and Visionary members will get access to the Secure Core servers, which offer the best level of protection overall.
The Secure Core infrastructures in Switzerland and Sweden are located in underground data centers, while their Iceland servers are located within a former military base. They’ve gone to great lengths to ensure that their server network won’t be compromised in any way.
Their normal servers are owned and managed by the service, giving them more control over how the system works, and the level of security they can provide. Despite containing little to no personal data, all ProtonVPN servers are protected by full disk encryption.
Other VPNs may be able to provide a larger network, but few can match the capabilities of ProtonVPN’s Secure Core servers. It’s just a shame that they’re locked away, and can only be used by Premium/Visionary users.
Streaming & Torrenting
You won’t be able to unblock streaming platforms unless you’re willing to commit to the Plus plan, and the same is true for P2P/BitTorrent support. It’s a recurring theme, but one that makes sense as they aim to incentivise users to switch over to a paid tier. It also helps to keep speeds high for premium users.
In a guide for using BitTorrent with their service they note:
“ProtonVPN does not condone the use of BitTorrent to illegally share copyrighted material. Our support of P2P protocols is intended only for downloading and sharing legal content.”
Streaming is also a bit of a mixed bag. They have a guide that comes with an extensive FAQ, although streaming is reserved for Plus and Visionary users. This means that anyone with a Free/Basic plan will need to upgrade their subscription to be able to stream online content.
Platforms such as BBC iPlayer, Disney+, and Netflix worked with no problems, but you’ll probably have issues if you’re connected via the free plan.
As for platforms, their guide mentions that typically the “streaming feature is only supported on our macOS and Windows apps (and our Linux command line tool). However, there are a couple of streaming services you can watch on your Android or iOS device while connected to one of our Plus plan servers.”
They score highly in terms of how they deal with online censorship, which makes sense given their beginnings as an end-to-end email encryption service. You can find nine examples from the last year alone when protesters used ProtonVPN ‘to protect their right to free speech and access censored content’ here.
They include the Hong Kong protests, which saw visits to ProtonVPN spike by over 1,200% (while sign-ups increased by 3,000%). Others include when Belarus cut internet access across the country following a contentious election, or when the Azerbaijan government announced it would restrict internet access throughout the country after escalating tensions with Armenia.
Ironically, I had to switch to another VPN in order to sign up to ProtonVPN, as their website is being unlawfully blocked here in the UK by my ISP, along with a duo of larger phone networks.
ProtonVPN is clearly anti-censorship, and the software has been used regularly over the past 12 months in a number of different regions worldwide. Their Secure Core servers are a clear advantage here, as potential attackers will only be able to follow the traffic back to the edge of the Secure Core network, making it far more difficult to discover the true IP address and location of affected ProtonVPN users.
Platforms & Devices
As you’ll see in the image found below, the ProtonVPN client app is available on a typical range of mobile and desktop platforms.
They support Android and iOS, and they have native apps for Windows, MacOS, Linux, Chromebook, and Android TV. ProtonVPN can also be installed on a variety of different routers, including Tomato and OpenWRT models.
Free users will be restricted to just one connected device, while the Basic plan makes it two. You’ll get five simultaneous connections with a Plus account, while Visionary members get 10.
The ProtonVPN app is one of the better pieces of online security software I’ve used recently, with a desktop version that is packed to the brim with information. It can be expanded, and you can create profiles, or easily access Secure Core or Kill Switch features from the main page. There’s also a map on the right that can be expanded, showing the entire ProtonVPN server network.
There are setup guides for each of the platforms that can be found here.
Encryption & Security
ProtonVPN’s software is independently inspected, while all of their apps have been released on open-source platforms. It’s another example of their transparent approach, which is explained in more detail below:
“Another unique quality of ProtonVPN is our commitment to having independent security researchers inspect our software before releasing it publicly. Previously, Mozilla reviewed our implementations, organizational structure, and our technology as part of their due diligence for a partnership with us. Since then, we have initiated more thorough security-focused audits for all our clients.”
“We contracted SEC Consult, a leading security firm, to conduct the audits. Although such audits are expensive and time-consuming, we believe these are a critical step that must go together with open sourcing our code. Going forward, we will continue to do audits on an ongoing basis to have continual independent checks on our application security.”
One flaw I found was a distinct lack of options in terms of the protocols that were available. The MacOS app only supports IKEv2, so I was stuck with it. There’s no WireGuard support as of yet, although they have ‘set up the first WireGuard ProtonVPN servers for internal testing and experimentation’.
“We take data security very seriously. Access to our infrastructure and Secure Core servers is tightly controlled. All of the ProtonVPN servers are encrypted and we do not log VPN session data. Offline backups may be stored periodically, but these are also secured. For users with heightened security needs, it is possible to optionally i) enable 2FA on account access ii) enable login history so that suspicious login attempts can be tracked iii) remove the linked recovery email iv) pay anonymously with cash or bitcoin.”
Despite the quality of their free service, it’s always going to be tempting to switch to a paid ProtonVPN plan. However, it’s notable that there are no limits in terms of their logging policy with the lite version, while there are no bandwidth caps either.
ProtonVPN scores highly in terms of privacy and trust, with unique Secure Core servers and a track record of keeping users’ data safe. It might not be the quickest VPN on the market, but it was capable enough, and I liked the feel of their app, which is extremely user-friendly.
A true privacy specialist, ProtonVPN is highly recommended if you’re worried about censorship, or if you need a VPN you can really trust. It loses a point or two for splitting their service, as most users would be able to benefit from features like Secure Core. However, it’s obtainable at any price point, and Visionary members are more like long-term supporters.
It’s not a powerhouse provider, but it does have a number of benefits compared to the biggest names in the game. ProtonVPN gains bonus points for releasing their open-source software to be independently checked and audited, and they’ve partnered with the likes of Mozilla in the past.
ProtonVPN is a clear step above your average provider, with benefits that far exceed any flaws that popped up during testing. You can try out the Free version for yourself with no obligations, as you won’t have to hand over any payment information to get started.