ProtonVPN – Review 2020 – PCMag Asia
ProtonVPN isn’t the biggest, the flashiest, or even the cheapest VPN, and yet it’s one of the best services available. It places an enormous emphasis on security and user privacy, and has an excellent client that’s very easy to use. It also offers a suite of advanced privacy tools usually reserved for far more expensive products. For all that, and its amazing free version that has no limit on data usage, it’s an Editors’ Choice winner and one of the best VPNs. If you’re dipping your toe into VPNs, it’s a great way to start with no risk.
What Is a VPN?
When you activate your VPN, it creates an encrypted tunnel between your device and a server operated by the VPN company. Sending your traffic through the tunnel keeps it hidden from anyone on the same network as you, and from your ISP that is all too willing to sell your anonymized data. A VPN also hides your true IP address, making it harder for advertisers to track you across the web. If you select a distant server, you can even spoof your location to appear in a distant country.
VPNs are valuable tools for improving your privacy online, but they can’t do everything. I still recommend that everyone use a password manager, activate two-factor authentication wherever it’s available, and install an antivirus app.
ProtonVPN Pricing and Features
Most VPN services offer the same set of features across all pricing tiers. For those services, the tiers are less about upgrades and more about longer-term subscriptions at a reduced rate. ProtonVPN goes in the opposite direction. There is a 20 percent discount for annual versus monthly subscriptions, but more generous features are unlocked or added as you move up the four price tiers.
On its pricing page, ProtonVPN includes speed classifications for its subscription tiers. These are just estimations based on the expected number of users. ProtonVPN does not throttle your speeds, regardless of the subscription you use. The Free subscription has “Low” speeds because ProtonVPN expects it will have many users crowded into a few servers, while the paid subscriptions have “High” speeds because they have access to more servers and fewer users per server.
The first subscription tier of ProtonVPN is its free offering, which includes just three VPN server locations, and only allows one device to be connected at a time. You’ll also have to create an account with ProtonVPN in order to access even its free tier. Despite those limitations, ProtonVPN is unique in that it does not limit the amount of data a free subscriber can use, as mentioned earlier. TunnelBear VPN’s free offering limits you to 500MB of secured traffic per month, Hotspot Shield limits your bandwidth to 500MB per day, and KeepSolid places no data restrictiosn on its limited free version. Other free VPNs pile on other restrictions. Because of all that, I recommend ProtonVPN over all the other free VPNs I’ve tested.
The second tier is ProtonVPN Basic, which costs $5 per month ($48 annually). This tier grants access to all the VPN locations ProtonVPN has to offer, but limits you to just two devices. P2P file sharing is allowed at this tier. Mullvad offers unfettered access to its service for a smidge more, at $5.54.
For this review, I signed up for a $10 per month ($96 annually) Plus account, which is the third of four pricing tiers. This is dead-on for the average monthly price of a VPN, and still less than competitors with similar features, such as NordVPN. This tier lets me access all the VPN servers in ProtonVPN’s network, and use up to five devices—the average for the industry. This tier grants access to Plus servers. These are servers restricted to the highest two tiers of ProtonVPN, and intended to be less crowded and therefore higher performing. Plus subscribers also get access to the Tor annonymization network, a rare feature. You don’t need to use a VPN to access Tor, but it’s nice to have. There are also specially designated servers for streaming media at the Plus level.
The Plus tier also includes access to Secure Core servers, which are a bit unusual and merit further explanation. These are servers owned by ProtonVPN and kept in secure facilities (in one example, an underground demilitarized NATO bunker). This way you can be assured that no one has tampered with the servers, to expose your information. When you connect via Core Servers, your VPN connection makes two hops. First, from your device to the Core Servers, and then onward to the VPN server you select.
While a VPN protects your data with its encrypted tunnel, that doesn’t mean anything if an attacker has taken control of the VPN server. What the Core Server scheme does is guarantee that your information is secure from your computer to the Core Server, which is under lock and key. If the next VPN server you connect to after the Core Server has been compromised, whoever has taken control won’t be able to glean anything about you because your traffic will appear to be coming from the Core Server and not your actual computer. This is similar to Tor, but Tor goes above and beyond with many more hops in between you and your destination.
Unsurprisingly, this comes at a pretty hefty tradeoff in terms of speed and performance, but is a unique feature that should put even the most paranoid mind to rest. Other companies may offer similar multihop VPN connections and CyberGhost also boasts about the integrity of its NoSpy data center. ProtonVPN brings it all together.
If all that is insufficient, you can upgrade to a $30 per month ($288 annually) Visionary plan, the top of the four pricing tiers. This includes all of the features listed in the previous tier but raises the number of devices that can be simultaneously connected to 10. What you’re really getting with a Visionary plan is access to the highest paid tier of ProtonMail, the encrypted email service also operated by ProtonVPN. That means 20GB of ProtonMail storage, 50 email aliases, support for 10 email domains, and up to five users on a single email account.
ProtonVPN subscriptions can be purchased via major credit card or PayPal. You can make Bitcoin payments, but only when you upgrade from one plan to the other; you can’t create a paid account using Bitcoin. TorGuard, to name just one, is a VPN service that gives you far more options for making anonymous payments. That said, ProtonVPN has announced its own cryptocurrency, suggesting that anonymous payments could someday come to the forefront.
VPN Protocols
VPN technology has been around a long time, and there are lots of different flavors of encrypted tunnels to choose from. I prefer VPN services that make use of the OpenVPN protocol, which is thoroughly vetted by virtue of being open source and has a reputation for being fast and reliable.
ProtonVPN tells me that it uses OpenVPN UDP/TCP in its Windows app and IKEv2, another good protocol, in all of its Android, iOS, macOS, and Windows apps. I’d like to see it deploy OpenVPN more widely, although that might matter less with the arrival of the super fast, experimental WireGuard protocol.
Servers and Server Locations
In terms of distribution, ProtonVPN covers a respectable 44 countries, a little below the 52 countries provided by VPNs on average. CyberGhost covers 90 countries, and ExpressVPN an impressive 94. More server locations is good because it means you’re more likely to find a VPN server near to you, giving you better performance. It also means more options for spoofing your location.
ProtonVPN deserves credit for improving its geographic distribution. The company now offers server locations in Africa, an entire continent often ignored by VPN companies, as well as servers in locations in India. ProtonVPN has one location in South America, another oft-ignored locale. I’d like to see more options in all of these regions, but ProtonVPN does better than most.
ProtonVPN provides servers in Hong Kong and Russia, but not in other regions with government restricted access to the web, such as Turkey, Cuba, and others. Having servers in these regions does not necessarily allow users to circumvent censorship, but it may provide a modicum of security and privacy to the populace.
ProtonVPN has one of the smallest networks of servers, but it’s also one that has grown steadily over the years. It now stands at 628, which is a far cry from the 5,000 or more available from CyberGhost and NordVPN. While numerous servers are cartainly nice, they don’t necessarily mean better service.
Some readers have expressed concern about VPNs using virtual servers. These are software-defined servers, meaning that a single, physical server can play host to many virtual ones. These can also be configured to appear as if they are in a country other than their physical host. The concern is that people want to know exactly where they are connecting, and through which countries their information is passing.
A representative for ProtonVPN tells me that the company only rents “bare metal” servers that are dedicated to ProtonVPN, meaning they are not shared with other renters. That’s not to say that using virtual servers is bad. GoldenFrog VyprVPN, for example, uses virtual servers in locations it regards as secure in order to service locations where the company cannot guarantee the safety of its hardware.
Your Privacy With ProtonVPN
It’s important that every VPN company respect your privacy and protect your personal information. After all, the main reason to use a VPN is to limit access to your personal information. The company’s privacy policy clearly lays out this, and more, in just a few short paragraphs. It’s not as short as TorGuard VPN’s policy, nor interactive, like TunnelBear’s, but it’s clear and concise. I’ll do my best to summarize here. In general, it seems that ProtonVPN is living up to its stated goals of protecting user privacy and security—both through its policies and its hardware and technology practices.
In conversations with me and in the company’s documentation, ProtonVPN says it does not log user activity. In order to prevent brute-force password attacks, it only stores a timestamp of the last successful login, which is overwritten after the next login. That’s excellent.
A representative from ProtonVPN tells me that ProtonVPN only makes money through subscription sales, not by selling user information. ProtonVPN is owned by the parent company Proton Technologies AG, and is based in Switzerland and operates under Swiss law. As such, it only responds to requests for information from an approved Swiss court order, which also requires that the individual who is the target of the investigation be notified. That’s in stark contrast to the practice of the US sending National Security letters to companies, requiring information and preventing them disclosing the request. Even if ProtonVPN were required to respond to a request, it would only supply login timestamps. The company’s transparency report indicates it has not responded to any requests for information. This is all excellent from a privacy and security standpoint.
ProtonVPN recently open-sourced its apps, and notes that its service passed muster with Mozilla. That’s good, but it hasn’t undergone a no-logs or infrastructure security audit. TunnelBear, for examples, has committed to annual audits of its service.
In terms of physical security, ProtonVPN says it limits access to its hardware and encrypts its servers so the loss of one would not affect the rest of the fleet. Other VPNs have gone further, having their servers run only in RAM. The company also says that it will inform the public about any data breaches, “as soon as it can be guaranteed that disclosing the information will not put users at risk.”
Security is really an issue of trust. Even if a company does everything right, it doesn’t matter much if you, the customer, don’t trust them. I recommend that consumers consider this information, and choose a service based on which company they feel they can trust.
Hands On With ProtonVPN
ProtonVPN offers clients for Android, iOS, macOS, and Windows. The company provides detailed instructions on how to configure a Linux machine to use the service. I had no trouble getting ProtonVPN’s Windows app installed on a Intel NUC Kit NUC8i7BEH (Bean Canyon) desktop running the latest version of Windows 10.
Because ProtonVPN puts such a heavy emphasis on user privacy and technological excellence, I expected ProtonVPN would lack basic features and be a generally unusable mess. I was pleasantly surprised that ProtonVPN is a slick and well-designed app that’s easy to use and doesn’t skimp on features. Moreover, it’s continued to be a pleasure to use over the years.
When you start up ProtonVPN, it appears as a skinny window similar to a mobile app. There’s a very obvious button that quickly gets you online, which I appreciate. The app also shows your connection status, a selection of servers so you can quickly change VPN location, and a toggle switch for the Secure Core servers. Clicking the small grey arrow in the upper right expands the window to reveal ProtonVPN’s servers spread out on a map along with a real-time assessment of network traffic.
You can search or browse the available servers, and I particularly like that you can drill down to the specific servers within a location. The app also displays how much load a particular server is experiencing, whether they are Plus servers (that is, servers reserved for Plus users), and which are specialized servers for Tor, streaming, file sharing, and so forth.
In addition to the specialized servers, ProtonVPN includes Profiles for specific activities. Two Profiles are included by default, one for connecting to the fastest server and another for connecting to a random server. You can also create your own Profiles to meet your unique needs by specifying a country and a specific server within that country with which you wish to connect. You can name your profile, mark it with a color, and require that it use the Secure Core servers, too. I recently realized that unlike most VPNs, ProtonVPN doesn’t let you mark a server as a favorite—that’s what Profiles are for. This is a pretty advanced feature, but you can easily ignore it if you’re not interested.
ProtonVPN does include a Kill Switch that halts web traffic on your machine should the VPN link become disconnected. That prevents your traffic from being exposed, even if only briefly. The app also includes an easy tool for split-tunneling—that is, routing the traffic from specific apps or IP addresses either into or outside of the VPN tunnel.
Ideally, a VPN will not leak information about your ISP, your true IP address, or your DNS requests. In my testing with the DNS Leak Test tool, the server I used protected my information. Note that I only tested one server. Other servers may not be configured correctly.
ProtonVPN and Netflix
It’s really difficult to watch Netflix with a VPN because Netflix wants to enforce its distribution deals.
In my testing, I found that Netflix was not not-blocked but failed to load while connected to a US server. After manually selecting a Premium server, as ProtonVPN advises you do when watching Netflix, I found I was out and out blocked. This could be an issue. That said, the conflict between VPNs and streaming sites is ongoing, and what works today may be blocked tomorrow.
Beyond VPN
Many VPN companies try to sweeten the pot by adding additional features beyond VPN protection. TorGuard, for example, offers access to a 10GB network and static IP addresses. Other VPNs claim to block malware at the network level, although we don’t recommend using these instead of stand-alone antivirus software. Ad blocking is another popular feature, appearing in NordVPN, Private Internet Access, Cyberghost, TorGuard, and PureVPN.
ProtonVPN does not offer static IP addresses for purchase, which is a bit of a disappointment. A static IP address is a “clean” address that is unlikely to be blocked. A company representative has told me that ProtonVPN may offer static IP addresses in the future. ProtonVPN also does not include ad, tracker, or malware blocking. While I like to see these features, they can only complement and not replace standalone solutions, so their loss is no great issue. The highest ProtonVPN tier does provide access to the highest paid tier of the encrypted email service ProtonMail, although this service can be used for free or purchased separately at a lower price.
Speed and Performance
When you use a VPN to secure your web traffic, your data won’t be taking the optimal route to and from the internet. Jumping through the extra hoops of a VPN server and the extra data cables involved tends to increase latency while reducing upload and download speeds. To get an impression of that impact, I perform a series of tests using the Ookla speed test tool. (Note that Ookla is owned by Ziff Davis, which also owns PCMag.) Read my feature on How We Test VPNs for a complete breakdown of our methodologies, as well as the limitations of our testing.
In my testing, I found that ProtonVPN increased latency by 58.8 percent, reduced upload speed test results by 65.5 percent, and reduced download speed test results by 49.8 percent. These are excellent results, and a staggering improvement over last year’s figures. The only reason it’s not included in our fastest VPN chart is because its upload results were just outside the median for that category, which was our cutoff for inclusion.
You can see how ProtonVPN compares in the chart below with the top performers among the nearly 40 services we tested.
In my testing, I found that Hotspot Shield VPN had the best download and latency scores, making it a shoe-in for the title of fastest VPN. However, it’s extremely notable that Surfshark has a significantly lower impact on upload speeds than any VPN I’ve yet tested. Keep in mind that while my testing is useful for comparison, it may differ greatly for you. Also, I believe that security, privacy, and overall value are far more important differentiators than speed, which should not be the primary consideration when choosing a VPN.
Does ProtonVPN Get Faster if You Pay More?
ProtonVPN is unique in that it makes more servers available at higher pricing tiers. It also has a limited free option, and Core Servers, all of which have an impact on speed. Because I am nothing if not thorough, I re-ran my tests to compare the various means of connecting via ProtonVPN. My results are shown in the charts below. For the Free, Premium, and Secure Core tiers I let the app choose the server. I manually selected a Basic server.
The chart above demonstrates a pattern that repeated througout my testing. The Basic and Premium tiers were closely tied, as were the Free tier and Secure Core servers. My testing showed that that the Free tier had a 98.2 percent reduction in download speed test scores, the Basic tier a 61.5 percent reduction, and the Premium tier a 54.9 perent reduction in speed test scores. Using Secure Core reduced download speed test results by 96 percent, slightly better than the Free tier.
The upload speed test results saw a similar breakdown. The Free tier reduced upload speed test scores by 83.5 percent, the Basic tier by 60.8 percent, and the Premium tier reduced upload speed test scores by 72.7 percent. Enabling Secure Core reduced upload speed test results by 80.8 percent.
The pattern seen throughout testing was most pronounced in latency testing, to the point where the chart above is of questionable utility. My testing showed that the Free tier increased latency results by 8,546.1 percent, likely a result of fewer servers being available. Free and Basic were closely tied, increasing latency results by 61.9 and 60.9 percent, respectively. Unsurprisingly, Secure Core servers had the most dramatic results, increasing latency results by 9,839.1 percent.
There are a couple of conclusions that I can draw from this. First and foremost, it demonstrates that the eccentricities of the VPN server you use have an enormous impact on performance. Second, the difference between the Basic and Premium servers is very small. This was echoed in the same tests I ran last year.
Conventional wisdom would dictate that a limited number of servers and a large user base would result in worse performance. While these results do prove that out, it’s not nearly as dramatic as you might expect.
Lastly, while the Core Servers will increase your latency like nobody’s business, the impact on performance is not necessarily catastrophic. In fact, it’s about the same as using the Free service.
Smart and Flexible
At first blush, ProtonVPN’s restrictively tiered pricing plans might seem a bit off-putting, but those tiers provide flexibility most competitors can’t match. The company also offers a rare, truly free experience that doesn’t limit your bandwidth or push ads. ProtonVPN has staked its reputation as a privacy-focused company, which is a refreshing change after seeing so many other VPNs emphasize speed and video streaming. It also has a remarkably good-looking client, which is not something every VPN can claim. All that, coupled with the company’s focus on technological excellence, is a powerful combination.
Since we first reviewed ProtonVPN, the service has doubled in size and reach and improved its speed test results as well. The company has shown that it can scale up its product without sacrificing security. It’s got a bright future, but is also a great choice right now. It’s an Editors’ Choice winner along with Surfshark and TunnelBear.