The main goal of using a VPN is to increase one’s own security and privacy while you are connected to the internet. Obviously, this means that you are very conscious of these factors. And you would like to be sure and check if VPN is working as it should be.
A problem arises when you have to choose between many VPN providers, all of them claiming to be excellent. Most even claim to be ‘the #1 VPN service provider in the world’. So, how can you really know if the service is as good as advertised?
Today, we are going to highlight a number of tests anyone can perform on a VPN server to prove that it’s working well. Most of the criteria we used to determine whether the VPN offers total security against leaks. We figured that this is very important for everyone.
Nevertheless, a VPN has other features to compliment the security it provides. Some of these include speed, trust, apps, etc. and we think these are important to the overall performance of the VPN service.
Now that we have explained the basics, let’s get right into it, shall we?
Checking for VPN Leaks
A VPN works by encrypting your internet connection so that even your ISP (Internet Service Provider) cannot decipher what data you’re transferring. Most ISPs keep a log of users’ activities and sell it to advertisers or to report to the government.
One past your ISP, traffic goes to a VPN server which spoofs your IP address. So the website you access does not know your true location. Instead, they will only see the IP address of your VPN provider.
Some excellent VPNs even go a step further and use obfuscated servers to generate random IP addresses. So that it seems like your data is traveling over an ordinary IP address. This is an especially great feature for accessing websites like Netflix that actively block VPNs.
However, during this entire process, a leak can occur within the connection that reveals your actual IP address to your ISP or the website you’re visiting. It’s a serious problem because it means the VPN isn’t working to provide you with any privacy.
You need to test any VPN you use for any form of lean because if it fails, it would mean that the VPN is not working at all. There are also 3 types of leaks:
- IP address leaks for both IPv4 and IPv6
- DNS leaks
- WebRTC leaks
We shall discuss each of these separately, but first, you need to know how we did these tests.
How We Tested For Leaks
The easiest way to check if a VPN has any leaks is to visit a test website. A website is able to see the IP addresses it receives, which is how web owners collect users’ data and sell it to advertisers.
There are currently a number of test websites used to check if your IP address, DNS, or WebRTC is leaking. For this test, we used the website ipleak.net because it is capable of checking IPv4, IPv6, DNS, and WebRTC leaks.
We also checked a few other test websites just to confirm the results we found on ipleak.net. You can try out a few test websites too just to be sure you are also getting consistent results.
In addition to the above, we also checked for dropped connection leaks. These happen when your connection to a VPN server gets interrupted and your real IP address and other details are visible.
It is common to have leaks during dropped connections on free VPNs and even some paid versions. The best VPN services, though, monitor the connection continuously. They instantly disconnect all internet connectivity when you checked and saw that the VPN server connection is bad.
Such a feature is referred to as a kill switch and it is absolutely necessary to ensure total security and privacy. In our tests, we manually disconnected our internet connection, then reconnected thereafter to see if there had been any leaks.
Checking for IP Leaks
Our test began with VPN Unlimited switched to a UK server and the results can be seen in the image below. We had to block out our real addresses for privacy purposes, as anyone else would in our shoes.
The VPN had successfully masked our IPv4 address, but the IPv6 address below it was leaked to reveal our real address. You can also see the same problem with WebRTC where the public IPv6 address on the right was once again leaked.
Results of the Test
It was not a total surprise to see the IPv6 leaks because we knew a lot of VPN providers don’t support IPv6. Fortunately, you can easily avoid this situation by checking the VPN’s website for information about this feature and select one that does.
IPv6 has been slow to be adopted, but the rollout is still ongoing after it was noted that IPv4 could not handle all devices in the world connected to the internet. It is especially important if you’re planning on purchasing a long-term plan of over 1 year from a VPN provider.
You may also have noticed that there was an IP address shown on the left of the image above in the WebRTC section showing a local IP address. This is not indicative of a WebRTC leak because there is a difference between the local and public IP addresses.
The former is used to identify computers within a private network, while the latter is the one you get from your ISP. Therefore, as long as your public IP is hidden, your computer cannot be identified.
To get a glimpse of how things could be different, we also tested Perfect Privacy switched to a server in Sweden on the same test website. This time, there were absolutely no leaks, and this is what you should be aiming for.
Now, our IPv4, IPv6, WebRTC, and DNS addresses are all switched to the Sweden server by Perfect Privacy. And that’s was we call perfect privacy.
Checking for DNS Leaks
DNS (Domain Name System) usually has a link to a phonebook because it is for the identification of the IP address of a website. For instance, the IP address of Facebook is 176.13. 69.63, but it’s easier to remember facebook.com. That is the DNS service to make things easier.
When you enter a website’s name into your browser’s address window, that name is sent to your ISP to look up the corresponding IP address. Therefore, your ISP can see all websites you visit, and this information can be used for all sorts of things.
To prevent these DNS leaks, a VPN service must be itself capable of DNS translation. If so, your DNS requests are sent via a secure tunnel to your VPN server to get translated without having to go through your ISP.
Many free VPN services do not have this facility and instead use Google DNS or OpenDNS. Sadly, this is not secure at all and leads to DNS leaks such as we have seen in the image below.
Following a DNS leak, it is not your IP address that is visible, but that of your ISP. That should not make you feel comfortable, though, because this address can still be linked back to you and expose your real identity.
Checking for WebRTC Leaks
WebRTC was implemented for use in web browsers to allow voice and video chats without the need for additional plugins. The system is thus capable of identifying your public IP address.
This is also why you see two separate IP addresses under the WebRTC section on a test website. One is the IP provided by the VPN and the other by the ISP to enable WebRTC. It happens because they send WebRTC data packet separately from the other internet data packets.
A good VPN service ought to prevent WebRTC leaks as well by passing all data packets through the same encrypted tunnel. Alternatively, you could use firewall rules to prevent specific data from being transferred from your computer.
There are also some browser plugins you could install in your web browser, but these are not 100% reliable. For this reason, we recommend identifying VPN service providers who prevent all WebRTC leaks and testing the claims to confirm.
Some of you may be extremely security conscious, and the above tests may not even begin to meet your high standard of privacy. For you, we recommend trying the suite of leak testing tools provided by ExpressVPN for free.
If you happen to be a true whiz, you could perhaps create similar tools yourself, but these ones ExpressVPN offers, are good enough. The advanced testing tools will perform extensive tests on your VPN to confirm it’s truly secure in all situations.
How Fast Is Your VPN?
Security and privacy are great to have, but these come at a cost – speed. To make your internet traffic secure, a VPN service must encrypt your data. Then send it to a VPN server (preferably in a different country), and after that send this data to a website and back again to you.
There is a lot involved here, obviously, and that means you shouldn’t expect the same speed you were enjoying before. Even so, the best VPN providers still manage to make the difference in speed negligible so you don’t even notice the minor decrease.
To check how fast your VPN speed, there are several things to consider:
How Far Away Is the Server?
They transfer data signals in the form of light through fiber optic cables. Just like your car’s headlights get dimmer over the distance, the data signal also gets weaker the farther it has to travel. This decreasing speed is referred to as latency.
To reduce the rate of latency, you should choose a server that isn’t too far from your location. For example, if you live in the US and select a server in, say, Singapore, your download speeds would typically be slower than someone who selected a US-based server.
It is common for a VPN provider to have servers in the US, Australia, Canada, and Western Europe. Some go further to include servers in Eastern Europe, the Middle East, and Southeast Asia. But only a few have servers in Africa and South America.
However, there are other factors that come into play, such as the number of people using the server at the time. In the previous example, you would be better off using a Singapore-based server while based in the US during the day. Because it would be night-time in Singapore and vice versa.
The fastest VPNs are those with multiple servers spread across the world so that its users have a variety to choose from.
Also, try to check if the VPN is using virtual servers or not. Virtual servers appear to be in a different location while in fact, they aren’t. It is very difficult to get this information because companies won’t reveal it, but you can deduce from the connection speed.
Number of Users Signed Up by the VPN Provider
Because everyone cannot be assigned a dedicated server, the ones available have to be shared. Obviously, this means that there will be limitations in bandwidth and speed when there are too many people accessing the same server simultaneously.
The top VPN service providers have thousands of servers around the world. And gradually they increase the number as new clients sign up. This is another difficult number to get from a company. But you can determine if a VPN’s servers are overloaded from the speed you get.
No matter how good a VPN service is at delivering high speeds. What you ultimately experience, your ISP bandwidth infrastructure will determine. You would think this is a problem only for developing countries. But even developed countries such as Australia and Germany usually have poor internet speeds.
And sometimes an ISP may be to blame when it throttles your internet connection. This is common in trying to discourage certain activities like Torrenting. That is why VPN service providers who allow Torrenting is particularly in favor.
What we’re saying is that, sometimes, you may need to look into the mirror before blaming the VPN for slow connection speeds.
Processing Power of Your Device
Before data comes to a VPN server over a secure tunnel, the data encryption process first takes place on the device level. The app you install on your desktop or mobile device will make use of your device’s processing power to perform this task.
Therefore, it means that your own device may be slowing down the VPN rather than the network itself. This is another case of looking into the mirror before judging a VPN’s service.
Rooting Out Malware
Do you ever wonder why some software is completely free of charge? As it turns out, some software developers integrate malware into the software. A study showed that about 38% of VPN apps for Android had malware, perhaps even more.
The malware doesn’t necessarily have to crash your computer, but instead subtly collect your personal data and launch ads on your web browser. Considering that a VPN has to keep you safe, malware certainly renders any VPN app that has it useless.
There is only one way to check whether a VPN service has malware or not is to run a check. If you have antivirus software installed, it should spot any suspicious activity. Otherwise, you can use VirusTotal to do a quick check.
You now know how to check which VPNs work best, but you still have to identify one that’s best for you. It’s not an easy thing when there are so many choices. But some of the highly recommended options include ExpressVPN, NordVPN, Perfect Privacy, among many others.
You don’t have to choose either of these. Because now you have the tools to test any VPN service provider you come across. So, go ahead and do that, then tell us your own recommendations below.