VPNs are one of the most widely known tools for protecting digital privacy. People in different countries use VPNs daily. To be exact, more than 31% of all internet users rely on VPN services. So what do VPNs exactly do to secure the users' privacy on the web? Read on to find out.
VPNs mask the IP address 🛡 An Internet Protocol (IP) address is a unique number that identifies people on the internet. It's assigned to users by their Internet Service Providers (ISPs, for short). Websites analyze the IP to figure out the user's region. Why do they need it? Well, many online services are geo-restricted, meaning they don't support some countries. VPNs connect users to servers in other countries and changes their IP to the servers' one. Masking the IP address allows access to geo-blocked websites.
VPNs encrypt connection 🔒 Usually, the data travels from the user's device to their ISP server without protection. As a result, the ISP knows what websites the user goes to, what they do online and can log this information. In some cases, ISPs can sell it. VPN services use encryption to secure users' online traffic. When the VPN is on, the ISP will get the data, but they'll only see a cipher they can't use in any way.
In the case of our VPN, ClearVPN, we use the highest-standard encryption, AES-256 (read more on it below), to securely hide our users’ information. We also maintain a strict no-log policy by not collecting, storing, or sharing our users’ data in any way.
VPNs hide apparent location 🌍 As we've said before, an IP address points to the user's location. The VPN tunnels the traffic through a different server and gives the user a new IP. This changes their location (as websites see it) to the desired country.
VPNs make ad tracking harder 🙌 Advertisers need the IP address to record users' actions on websites. Combined with cookies, it allows presenting people with optimized ads. As VPNs hide the actual IP, it becomes harder for advertisers to track users' online activities. ClearVPN lets users protect themselves from tracking with just a tap. Our special shortcut (that’s how we call ClearVPN’s pre-made VPN solutions) changes the users’ IP and connects them to the closest available server. This way, it becomes harder for advertisers to log users’ actions online while their connection speed stays fast.
VPNs don't guarantee full anonymity ☹️ Although a VPN encrypts the web traffic and changes the IP address, it doesn't mean that the users will be 100% anonymous on the internet. Human error is still the most significant source of danger, and no VPN can save from that.
VPNs don't protect from viruses 🧑💻 VPNs are not anti-virus software and should never be used instead of one. Although some VPNs can block sites with possible malicious content, they can't protect from viruses in files users download from the web. That's why it's essential to have an anti-virus tool. That's true even if you're on Mac. Malwarebytes' 2021 State of Malware Report saw malware on Macs (mostly backdoors, data stealers, and cryptocurrency stealers/miners) increased by more than 61% this year.
VPNs can slow down the internet 😑 Encrypting data and then sending it to a server on the other side of the planet earth does take some time. Luckily, modern VPN speeds are so fast that an average user won't likely feel any difference. It's possible to stream Netflix and play Fortnite over a VPN connection, so the loss of a few Mbps is relatively low.
Encryption isn't something new. Turning information into cipher was as crucial four thousand years ago as it is now. Today's encryption is a mathematical algorithm that turns data into a mix of symbols that can be unlocked only with a key. The key is a secret line of code known only to the sender and receiver, and it changes with each session. Modern encryption is so strong that even the most brilliant computers will need a few million years to break it down.
What is the Encryption Industry Standard?🤔 Humans just love having standards in everything, so there's one in encryption too. Today's industry standard is AES (Advanced Encryption Standard). It has a few variations based on the key size: 128, 192, or 256 bits. Governments and organizations like banks and intelligence agencies use AES-256 for their most valuable data, so do the most secure VPNs.
Here's how AES-256 works 😎 Let's say we need to encrypt a text message. AES-256 creates a unique key that consists of 256 bits. With the key, the technique uses a mathematical algorithm that will turn text into a cipher. This way, the "I love oranges" text becomes "wixEJfcdh+dfbZZ8TJn9QQ==." Quite uneasy to guess, isn't it? You can try encrypting your messages on this website. AES-256 doesn't only encrypt text. As any information, including images, videos, and audio, can be represented as code, they get encrypted too.
"Wait, what? Isn't encryption enough for a VPN to work?" — Well, the encrypted data still needs to travel from the user's device to the VPN server. And get back. That's why VPNs utilize special protocols that rule out the transit of information. Let's look at the most popular VPN protocols:
PPTP or Point-to-Point Tunneling Protocol was one of the earliest VPN protocols. It was created in 1999 by Microsoft, it was prevalent in the first VPNs, but it lacks essential features and has many security vulnerabilities compared to modern protocols.
L2TP or Layer Two Tunneling Protocol is a better version of PPTP. It doesn't provide any encryption on its own but is usually accompanied by IPSec (a type of encryption). It's not perfect, but if there's a choice between PPTP and L2TP, the second will be much better.
SSTP or Secure Socket Tunneling Protocol is secure but not open-source. Microsoft owns this technology, and although there are versions of SSTP for Mac and Linux, it's still primarily a Windows protocol.
IKEv2 or Internet Key Exchange version 2 is a relatively new VPN protocol developed by Microsoft and Cisco. It doesn't support as many platforms as the other ones and works mainly on Windows and iOS. IKEv2 is good at re-establishing a VPN connection if the user suddenly loses connection.
OpenVPN uses the most robust encryption out of all the other protocols — AES, which we talked about earlier. It's also open-source, meaning developers can understand how it works very well and adapt it to their needs. Compared to other protocols, it's the best choice for security.
WireGuard is a new VPN protocol designed to be an alternative to OpenVPN and IKEv2. Its most significant benefit is a faster connection time. It uses strong encryption, but it's not considered as secure as OpenVPN.
In the case of the ClearVPN, we use both the OpenVPN protocol powered by AES-256 encryption and our custom protocol based on WireGuard for faster connections.
As a summary, let's boil down to what VPNs really secure their users from:
VPNs protect from ISPs collecting data 💳 VPNs encrypt users' incoming and outcoming traffic, which stops the ISPs from profiling and tracking their online activities.
VPNs protect from being fined for torrenting 💰Most peer-to-peer software uses the IP address in their file-sharing technology and makes it visible to everybody on the internet. While using P2P isn't illegal, uploading a copyrighted file via the network is. Governments and ISPs often look up for torrenting activities from their IPs. If they catch a user uploading a copyrighted file, they can sue them. VPNs hide the actual IP together with users' online activities.
VPNs protect from targeted ads 🍪 IPs and cookies are the bread and butter of digital advertisement. As the VPNs hide the user's actual IP address, they'll see less targeted and location-based ads while browsing.
VPNs protect from geo-blocks 🌍 Many countries restrict access to certain websites by providing the ISPs with the "blacklist" of undesirable resources. VPNs help users bypass this restriction by encrypting their information, and the ISPs will only see the cipher.
VPNs protect gamers from DDoS attacks 🎮 In online games, some players want to win no matter the cost. That's why they can DDoS their opponents. A successful DDoS attack will slow down the internet connection or even completely shut it down. The IP is enough to launch such an attack. With a VPN, the actual gamer's IP is hidden, and any online game is safe from DDoS.