A virtual private network, or a VPN, allows anonymous browsing on the Internet. The connection to one of them allows the origin of the traffic to be hidden -the one we generate- and the IP addresses detected by the origin server to be those of the virtual private network. But no, not all VPNs work in exactly the same way. Most offer some type of encryption technology, but there are other features related to privacy and security that must be checked to know which are the best free VPN.
How do you know which is the best VPN, or based on what criteria?
The data is from TorrentFreak and, as they explain, several aspects are taken into account. The first one, if the VPN maintains some type of registry that allows to relate an IP address with a brand, of any type, that identifies its users. And regarding this same, they question what is the exact information that is recorded and for how long. In addition, in a second point they question the name of the company and the jurisdiction under which it operates; and also review which tools are used for monitoring and mitigating abuse of the VPN service.
There are other criteria that are taken into account such as the use of external providers such as Google Apps, Live Support, Zendes – and others – that may contain information provided by users; or what would be the decision of the VPN in case a DMCA request is received from outside the United States. All this has to do with security and privacy, as well as the question in which they contemplate the steps that would be carried out if a court ordered the identification of a user or the registration of their activity.
In this comprehensive analysis of the best VPNs of 2019, you have also wondered if BitTorrent is allowed, and other forms of file-sharing traffic on your servers. Otherwise consult the why, and extend asking if a port forwarding service is available, or if certain ports are blocked. Also, these virtual private network service providers have been asked which payment systems are used, and if measures are taken so that the payment information can not be linked to the users for their identification. It has been consulted about the encryption algorithm as well, and about some other technical issues. Now, let’s see what are the best VPNs of 2019 to navegard privately.
Private Internet Access
Private Internet Access does not store any records of traffic, sessions, DNS or metadata for any person or entity. There is no information that matches a timestamp or an IP address and the company is registered in Indiana as London Trust Media Incorporated. For the mitigation of abuses, they have an active and proprietary system, and they use the Google Apps (in Suite) and Google Analytics, but with demographic data tracking disabled, and anonymizing the IP addresses of their users. While its maxim is privacy, there are no records and users are not monitored in any way.
They have never received a court order, but each citation is examined in order to comply with the law in accordance with its principles. And as for BitTorrent, not only exchange traffic is allowed but it is treated in the same way to other traffic. Traffic is not censored, and only routed in a second VPN in some cases. For the payment, in this company they use PayPal, Stripe, Amazon, Google, Bitcoin and other options, without any connection to the users. In addition, encryption AES-256 + RSA4096 + SHA256 is used
As with the previous one, NordVPN does not keep a record or time stamps that make it possible to identify customers and users, and it operates under the jurisdiction of Panama as Tefincom SA. For the monitoring and mitigation of service abuses, they only have an automated tool that limits the maximum number of simultaneous connections to six; and of course, the server load is analyzed to optimize the service and give the highest Internet speed possible. It makes use of third-party data processors such as Crashlytics, Firebase Analytics and Appsflyer, in addition to Google Analytics or Zendesk. But a confidentiality contract is maintained with them so that customer data is never used for their own purposes, nor information disclosed to third parties.
DMCA applications do not affect them because they operate in Panama, and they would only have to comply with judicial orders from courts in Panama. However, they do not have any information about their users beyond their email and basic payment information. Alipay, Yandex, cryptos and other forms of payment are used and can not be related to customer information. On the other hand, they ensure that BitTorrent and similar traffic is not limited and that your VPN is optimized for it. There is no forwarding of ports and SMTP25 and NetBIOS are blocked. For encryption, AES 256 GCM is used as an algorithm.
ExpressVPN does not record any connections or activity; You can not even determine if a user has connected to the VPN at a particular time, what IP address he used or what activities he has carried out. The company is Express VPN International Ltd. and operates in the British Virgin Islands. As explained by the company, none of the users is monitored or registered, and reserves the right to block specific abusive traffic for the protection of the rest of the clients and the server’s network. From third parties, the software used is Zendesk and SnapEngage; and both have been analyzed to have security guarantees, although Google Analytics is also used.
As long as there is no data that identifies users or their identity, it does not matter if they receive DMCA notifications. On the other hand, at the legal level they are only obliged to respect the judicial orders of the government of the British Virgin Islands, or in conjunction with their authorities through the corresponding mutual legal assistance treaty. The usual thing is that the researcher is informed that there is no data on users and activity. On the other hand, all traffic is allowed, including BitTorrent, and as a payment method, local, Bitcoin, PayPal and other options are accepted, never allowing linking with identification information. For encryption, AES-256-CBC is used.
TorGuard does not save any records either, and shared IPs are used to maintain maximum privacy. They ensure that it is impossible to match any IP address or user name with identification data. It operates under the jurisdiction of the United States as VPNetworks LLC and its service uses customized software for the monitoring of servers and network performance, and its own rules are used for the detection and blocking of real-time abuses, also limiting the maximum simultaneous connections. It makes use of Google Analytics, with anonymous data, and of Livechantinc and Sendgrid as third-party software.
Regarding DMCA notices, they are processed immediately, but no request can be forwarded due to the lack of registration of user information. In case of receiving a court order, if it were valid it would have to explain in detail the configuration of the network with shared IP addresses and the fact that there are no identification records of any kind. BitTorrent traffic, or P2P of any kind, is not blocked, and port forwarding is provided via OpenVPN. For payment there are more than 200 different options and it is impossible to link with identification data; In addition, AES-256-GCM encryption is used, with 4096bit RSA and SHA512 HMAC.
Like the previous services, the iPredator VPN does not perform IP address registrations either, and the temporary information about the session is removed from the database as soon as the session ends. The company operates in Chile as PrivActually Ltd., and abuses or attempts of abuse are mitigated directly by its operators. Users’ traffic is not monitored in any way and TCP / IP sessions are not limited individually but by server, to 10 million maximum established. There is also no tracking on users, and third-party products such as Gmail, or ticketing system are not used.
Legal requests are examined according to legal frameworks and reacted accordingly. Before changing their policy to analyze user data for legal reasons, they say, they would close their service. They add that file exchange traffic, including BitTorrent, is allowed, and that port forwarding is not necessary. PayPal, Bitcoin and Payson are used for payments, among others, under express request, and an internal ID is used to link data. For encryption, iPredator uses AES256.
In this case, only the timestamp relative to the last successful login attempt is monitored, but it is overwritten with subsequent ones and this does not contain any user identification information. The IP address is not collected, the company operates in Switzerland and is registered as Proton Technologies AG. As they explain, internal tools and their own systems are used to guarantee the highest quality of the service and mitigate attempts of abuses against it. Only anonymous Google Analytics data is used, and you are migrating to a local Manomo installation, along with Zendesk for customer service.
In the case of DMCA applications or non-US equivalents, the demand could never be connected to a specific user. Only the limited data held about the users can be disclosed. But because of its ‘no registration’ policy, there is no information about their activity. P2P traffic is allowed without limitations in all plans, but by the laws of the countries where the servers are hosted, it is possible that in some cases the traffic will be channeled through countries compatible with P2P. For payment, credit card and PayPal are used, and in no case are complete data kept, besides that anonymous and bitcoin payments could be used. And for encryption, AES-256 is used.
HideIPVPN stores records of IP addresses, and there is no way to link an IP-of the VPN-with the activity of its users. The company is Server Management LLC and operates under the jurisdiction of the United States. They explain that a subscription can be used simultaneously for three connections, and that IP traffic is blocked exclusively where it is not allowed, in addition to blocking port 25 for outgoing mail to avoid spam. The linked third party services are Google Apps for incoming mail and tak.to for live chat.
While they do not store records on their servers, DMCA requests can not be addressed. In case of a court order, information about a client could be disclosed. However, since there is no record and shared IP addresses are used, only billing data could be provided, which they claim has never happened. P2P traffic is allowed without limitations except for servers in the US, UK, Canada, Poland, Singapore, Australia and France; PayPal, Bitcoin, credit and debit cards and others are used for billing and the data is stored in the billing system itself.
Hide.me does not keep any record; It is headquartered in Malaysia and is registered as Eventure Limited. No controls are carried out on individual connections and, to mitigate abuse attempts, general firewall rules are used on specific servers with specific IP ranges. Google Analytics is used, among others, but in no case is personal information of any kind shared with suppliers about its users.
As for the requests related to copyright, you can not respond to court orders because the infrastructure does not store any type of registry about its users. They also add that there is no effective way to block the file-sharing traffic of their users, then they can use P2P without limitations, and explain that they accept the main cryptos as a form of payment, in addition to bank transfer and credit card, with an identification temporary payment that can not be linked to users. For encryption, AES-256 is used.
IVPN does not store IP address records and is operated by Privatus Limited in Gibraltar. Simultaneous connections are limited thanks to a temporary counter in one of the central servers, which is eliminated when the user disconnects from the virtual private network. Unlike some of the previous ones, this VPN only executes services internally in its own servers, configured and managed directly and without providing access to third parties to its servers or its data.
Regarding requests for copyright, they can not be met satisfactorily because they do not store data on their servers and only act as’ conduit ‘of their users’ traffic. If in the future they had to analyze the activity of their users, they would do everything possible to alert them directly or indirectly. P2P traffic is allowed without limitations and port redirection is enabled. In addition, they accept Bitcoin, cash, PayPal and credit card as forms of payment without allowing the linking of data. And its encryption is AES-256-GCM.
AzireVPN does not keep any record, nor store traffic data, activity, IP addresses, active and total sessions, DNS requests, and so on. All records are disabled for this VPN operated by Netbouncer AB that operates under the jurisdiction of Sweden. As they explain, all possible security measures are used to guarantee the stability of their servers. Another interesting point is that the use of third-party systems is rejected, such as Google Analytics.
In your case, requests for copyright are answered stating that there is no record that allows users to be identified. In the case of a court order, it would be answered in the same way. P2P traffic is allowed and the main cryptocurrencies are available as payment methods, as well as cash payment by postal mail, also PayPal and credit cards. And confidential payment information is not stored.
Other recommended VPN, the best of 2019 to browse privately on the Internet
In addition to the above, which are part of the list of the best VPN 2019 if we want to surf anonymously and safely, there are many other recommended services. We have neglected all the options in which your own administrators agree to carry out some type of registration. In all the previous records of IP addresses, activity and others are not stored, and in which we will mention below are not carried out this type of practices. Therefore, all these VPN 2019 services are the most recommended that we can find, whether paid or free with limitations.
Windscribe, VPNArea, VPNBaron, SurfShark or NVPN also fall within this extensive list with the best VPNs of 2019. But they are still not alone, because due to their lack of identification data registration, AirVPN, CactusVPN, Trust should also be included. Zone, SwitchVPN, VYPRVPN, Proxy.sh, PrivateVPN, FastPVPN, CryptoStorm, WhatTheServer, IBVPN, Moles, AceVPN, Perfect Privacy, VPN Land, CanVPN, SlickVPN, HeadVPN, VPNHUB, SigaVPN and CyberGhost.
All these last ones attending exclusively to the registration of IPs, DNS requests, activity and other identification data. However, each one deals in a particular way with file exchange traffic, for example, billing information or requests relating to copyright infringement. In addition, jurisdiction is also important. All these details, although they seem unrelated to the VPN service itself, are crucial if we care to maintain maximum security and privacy when using a virtual private network.