A Virtual Private Network (VPN) is a service that allows you to connect to the internet via an encrypted tunnel to enhance your online privacy and protect your personal data.

Usually, VPN services establish secure connections to public Wi-Fi hotspots, hide IP (Internet Protocol) addresses, make browsing more private, and bypass restrictions such as government censorship or geo-blocking.

A VPN makes sure that your data isn’t tracked, recorded and sold by your internet service provider (ISP), ad brokers, or hackers.

    How does a VPN work?

    A VPN offers protection and privacy by encrypting and obscuring your internet traffic. It does so by rerouting your data packets through one of its VPN servers, changing your IP address in the process.

    To understand how this process helps a VPN secure your connection, let’s first examine how your device transfers and receives information over the internet.

    How information travels over the internet

    How information travels over the internet

    An unprotected internet connection

    When surfing the web, you’re basically sending data packets that contain, among other components, your IP address over the internet to ask for information back. The DNS (Domain Name Servers) guide this data on its way to your desired destination.

    Without a VPN, your Internet Service Provider (ISP) can see where these packets travel and what data they request. This way, they can monitor, log, and later sell that information while the websites can recognize you and your online activity by your IP address. 

    This data becomes valuable to ad brokers and other service providers because, over time, it reveals patterns in your actions such as likes, hobbies, interests, and, therefore, your behavioral tendencies. 

    How a virtual private network secures your traffic

    How a virtual private network secures your traffic

    An internet connection secured by a VPN

    When you connect to a VPN, it establishes a secure tunnel to one of its servers. This makes it seem like the traffic originates from the server instead of your device. 

    At each end of the tunnel, the VPN client and the server both have a key that they have exchanged during the initial connection to encrypt your data (English: turn into unreadable code).

    Both the VPN client and the VPN server use this key to scramble and later descramble your traffic before it travels through the tunnel. Also, since your data passes through the VPN server, which uses different IP addresses, your “personal” one stays unseen.

    This way, the content and origins of the data flowing between you and the internet remain hidden from your internet service provider and third-party websites.

    Does that mean a VPN can make you anonymous?

    Does that mean a VPN can make you anonymous?

    Let’s set one thing straight, no sugar coating – internet anonymity is a fantasy. Yes, you’ve read it right, there is no real way you can be anonymous on the web. However, a VPN can help you get closer to it. Here’s a table showing what’s hidden with a VPN vs. without:

    With a VPN
    Without a VPN
    IP address
    Hidden
    Exposed
    Location
    Hidden
    Exposed
    Browsing habits
    Hidden
    Exposed
    Internet activity
    Hidden
    Exposed
    Internet traffic
    Encrypted
    Exposed
    E-mail you use to register
    Exposed
    Exposed
    Credit card information used for purchases
    Exposed
    Exposed
    Targeting ads
    None
    Very frequent

    What a VPN does and does not hide

    Then just how secure is a VPN?

    Of course, VPNs are secure, but it gets complicated. The truth is that no security system is perfect, regardless of what anyone might tell you. 

    Most security measures bank on making the job of cracking it as tough as possible. For example, an encrypted session could take up to trillions of years to decrypt by trying to “brute force”, i.e., guess the right key. 

    And even if someone managed to crack it, many VPN services like Surfshark have implemented something called PFS (Perfect Forward Secrecy). This means that a client generates a new key every set amount of time (usually up to 10 minutes).

    With PFS in place, cracking an encrypted session would only reveal the activity that’s happening in that period. After a new key is generated, you’d need to crack it again.

    Because of how difficult it is to crack down encrypted traffic, scammers and hackers usually prey on careless people online and on public Wi-Fi hotspots. 

    This doesn’t mean that VPN security is impenetrable either, the same way that any government cybersecurity system isn’t

    However, it takes so much time and computational power to compromise an individual VPN connection that it is not worth trying to do in the first place.

    What is encryption and how does it work?

    What is encryption and how does it work?

    An encryption process visualized

    I’ve mentioned encryption several times already but let’s take a look at how it works.

    Encryption is an information encoding process that VPNs use to secure your data exchange to the World Wide Web. To anyone else, an encrypted message would look like complete gibberish unless they had a decryption key to decipher it.

    To ensure that no one else has one, the VPN client and server generate and exchange the key when you first connect to a VPN. 

    How strong the encryption is, depends on what encryption algorithm you use and the VPN protocol (discussed below) you pair it with.

    Nowadays, the AES 256-bit cipher is considered the best encryption algorithm used by the US government, the NSA, and the more reliable VPN service providers, including Surfshark.

    What is an IP address and why can others see it?

    What is an IP address and why can others see it?

    Aside from cybergod-tier hackers, more internet users are worried about their IP address privacy, and for good reason.

    An Internet Protocol (IP) address is a digital label used to achieve communication between networks. It serves the purpose to identify:

    1. The host (you);
    2. Your location in the network so that it knows where to send the information once it is requested.

    This means that without a VPN, the data packets traveling over the internet display your IP address at all times. It is visible to most online services, allowing websites to gather information about you.

    A VPN hides your IP address and location in the process because you’re technically accessing the internet through a VPN server. And this server is where information goes before it gets encrypted and reaches you through a trusted tunnel.

    What can a VPN do for you?

    So a VPN can increase your security and online privacy, but is that all that it can do? From a mere technical perspective – yes, but these two features bring other benefits to the table.

    In short, here’s a rundown of what a VPN service can do for you and its many use cases in different areas.

    It encrypts data & protects you on public Wi-Fi

    Free public Wi-Fi may be handy if you’re on the go, but it is also unsafe and makes you vulnerable even to basic cyber attacks. A VPN encrypts your online data and helps secure your personal information when you use Wi-Fi in airports, coffee shops, or other public places.

    Hides IP address & masks browsing and torrent history

    Masking your IP address is essential to secure online privacy. A VPN ensures that your location, browsing habits, and torrenting history aren’t directly linked to your identity. This way, you can surf with peace of mind without any third parties trying to incentivize your choices.

    Changes displayed location

    With location changer VPN:

    • Unblocks blocked websites
      Access to various websites is restricted in many countries due to geo-blocking. You can unblock sites by connecting to a VPN server based in a different country. This allows you to bypass various geo-restrictions for content, social media, or even research purposes.
    • Helps you get more out of Netflix
      With a VPN, you can access more Netflix libraries worldwide and other streaming services like Hulu, Disney+, HBO Max. Surfshark alone unlocks more than 15 Netflix regions in the US, UK, Japan, France, and other countries. Learn more about streaming here.
    • Lets you bypass internet censorship
      The internet was made to be free and sovereign for open information sharing to promote freedom of speech. With a VPN, you can make sure you stay in the shade from the peering eyes of government censoring. It’s almost like wearing Shadowsocks!
    • Helps you avoid price discrimination
      Websites and services use your location and cookies as information to tailor prices for their goods and services. With a VPN, you can avoid these unsavory marketing practices and save money when shopping online.

    How to set up and use a VPN

    All of this information may seem daunting, but setting up a VPN is relatively easy. We recommend downloading native apps, but you can always opt for a manual config if you’re tech-savvy.

    Download a VPN application

    The easiest way to set up a VPN is to download a VPN application. All you need to do is pick a reputable VPN service provider and download its application to your device. If you can install an app, you can install and connect to a VPN app.

    Set up a VPN manually

    You can set up a VPN manually, too. Here’s how: set up a VPN on your router. Note, not all routers can support secure VPN protocols, so it’s important to choose one that does.

    Now that you know how to set up a VPN feel free to look at our dedicated blog post on how to use it.

    VPN protocols

    An important part of VPN security is protocols – crucial mechanisms that make your connection to the VPN server possible. They are sets of rules that determine how security and transportation processes for your VPN connections happen from start to finish. 

    Because of this, a VPN protocol determines the speed, stability, and security of your connection. Most VPN providers usually offer more than one VPN protocol because they can be useful in different situations. Here are some that you may come across:


    OpenVPN is an open-source VPN protocol. It’s fast, secure, and compatible with many routers. Because it is open-sourced, its code has been examined through and through by cybersecurity experts around the world.

    Available on: Windows, macOS, Android, iOS, Linux and BSD.

    Internet Key Exchange version 2 (IKEv2) on par quality with OpenVPN and WireGuard. It can outperform other protocols in terms of speed when switching networks and at shorter distance connections, making it popular among mobile users.

    Available on: Windows, macOS, Android, iOS, Linux, Blackberry, Unix and others.

    Both are severely outdated tunneling protocols, and we highly recommend avoiding them. Albeit fast, they can offer neither the security nor reliability of OpenVPN, IKEv2, or WireGuard.

    Available on: Windows, macOS, Android, iOS.

    SSTP is a tunneling protocol rather than a VPN protocol, meaning that it lacks the functionality of OpenVPN, IKEv2 and WireGuard. While considered relatively safe and easy to use, its code was never audited and it has issues working on other operating systems like Mac OS.

    Available on: Windows, Linux, BSD.

    Shadowsocks is not a VPN protocol but a tunnel proxy. It was created for the sole purpose of bypassing The Great Firewall of China. It is fast, hard to detect and can be used to skirt government-imposed censorship.

    Available on: Windows, macOS, Android, iOS, Linux.

    Is a relatively new protocol built to surpass OpenVPN and IPSec in power use and performance with only 4,000 lines of code. WireGuard® is secure, reliable, and able to compete with, and even surpass, OpenVPN and IKEv2 in terms of speed. 

    Available on: Windows, macOS, Android, iOS, FreeBSD, NetBSD, OpenBSD and others.

    How to pick a VPN service

    Let’s say, hypothetically, that this article has touched your soul so far (a writer can dream) and you have decided that you need a VPN.

    Even then, before choosing a VPN service provider, there are important things to look out for: 

    • Server coverage. A strong VPN provider should have good worldwide server coverage.
    • VPN encryption. A secure encryption algorithm is essential. Make sure to look for the AES-256 cipher – a current standard in the industry.
    • Server load. If there aren’t enough servers to balance the user load, connection speeds will suffer and become slow.
    • VPN protocols. Protocols are vital to a VPN’s security and you can use different ones according to which one you prefer. I recommend you look for services that offer OpenVPN, IKEv2, or WireGuard.
    • Multi-hop is a VPN feature that directs your traffic through several servers at the same time. It is not essential but can give your online security an extra kick.
    • Obfuscated VPN servers. When obfuscated (a fancy term for making something obscure), a VPN server will make your traffic seem like any regular internet traffic. This helps to bypass VPN blockers and win at hide and seek against your internet provider.
    • Device support. Before purchasing a VPN, make sure it supports the device that you wish to secure. It happens, we’ve all been there.
    • RAM-only servers are a great security addition to any VPN service. When running on RAM alone, servers automatically wipe all the data whenever turned off.
    • The Privacy Policy is arguably one of the most important parts to look for in a VPN service. An immediate red flag is if your VPN provider does not have a Privacy Policy or if they’re logging sensitive information without any clear reason.

    What is a no-logging or a no-log VPN?

    What is a no-logging or a no-log VPN?

    No-logging is a way of handling user data without keeping any logs or records of their online activity.

    It is also a rather vague term due to its “no” in the wording. But to claim that a VPN provider doesn’t hold any of their user’s information would also be misleading because email and billing information are both required to make a purchase and use the service.

    That being said, a no-log VPN will not collect the following information:

    • Your IP address
    • Your network traffic
    • Your browsing history
    • Your bandwidth information
    • Connection timestamps
    • Session information

    This way, it ensures that you can secure your online connection and surf the internet with peace of mind.

    And speaking of surfing with peace of mind, you are now armed with the knowledge to take your online privacy into your own hands.

    Surfshark is a VPN that has all the features mentioned in this article and we constantly strive to deliver the best user experience. 

    And if you want to learn more about VPNs or privacy, check out our blog for more cybersecurity content.

    Stay safe when surfing under surface with Surfshark

    Bet you 30 days you’ll like it

    Get started

    F.A.Q.

    What devices are VPNs compatible with?

    Device compatibility always depends on the VPN provider. Generally, most VPNs offer services on mobile devices, desktop computers, and laptops across multiple operating systems. Surfshark, for example, supports apps and plugins on the following platforms:









    If a VPN hides your information, is it legal?

    The short answer is yes – VPNs are legal. However, it is still against the law to use a VPN for illegal activities.

    Some countries ban the use of VPNs for political and legislative purposes like internet access control and censorship. Yet, most countries do not forbid their use.

    Read more about VPN legality and a list of countries that ban or restrict VPN use.

    What is a VPN web browser? Can I use it?

    A VPN browser is a web browser with an built-in VPN protocol that protects a user’s browser resources. Not everything that is advertised as a VPN browser actually is one. Some are just privacy browsers. Here are the VPN browsers you’re most likely to have heard of:

    Opera

    One of the top-dog contenders in the browser market, Opera does indeed come with a VPN plugin. Of course, like every browser-based VPN out there, it only protects your browser traffic.

    Epic

    Epic is a privacy-focused browser that stores very little and deletes everything once you quit. It now comes with a VPN feature.

    Tor Browser

    Not a VPN browser but has somewhat similar privacy use cases. Tor is necessary to access the Tor Network. It doesn’t have a VPN feature – instead, it relies on the Tor Network for privacy.

    Brave

    Brave is a Chromium-based browser with a VPN that comes as a premium feature (and only for iOS users). So its appeal is hardly universal.

    UR Browser

    UR Browser is a Chromium-based privacy browser made by AdaptiveBee. It claims to offer VPN functionality, but some online security experts argue that UR Browser’s VPN was previously just an unencrypted proxy.

    Orfox

    Orfox was a Tor-based browser for Android. Was. As the Tor Project released Tor Browser for Android, the project was discontinued.

    Can a VPN make my internet connection faster?

    In some cases, if you’re streaming or downloading something, your ISP may throttle, i.e., slow down your internet connection. They do this to save on and evenly distribute bandwidth across their users. But since a VPN hides your traffic, your ISP lacks the necessary information to throttle you.

    However, in most other cases, a VPN will not make your connection faster because it adds extra steps to accompany your connection. By default, the prolonged process may slow your connection down, but it would hardly be noticeable.

    How much does a VPN product cost?

    VPN prices vary across different providers. To illustrate this, here is a table of price comparisons from some of the better-known VPNs:

    Time period Price per month (USD)
    Surfshark NordVPN ExpressVPN CyberGhost
    2 years 2.21 3.71 3.49
    1 year 4.92 8.32 3.99
    6 months 6.49 9.99
    1 month 12.95 11.95 12.95 12.99

    Why should I pay for a VPN? Can’t I just use a free one?

    You can, but you shouldn’t. Here’s why.

    A VPN is a cybersecurity product that increases your privacy by rerouting information through different servers. These servers are physical, they cost a lot of money to build and maintain, and there are literally thousands of them across the world.

    Even if your VPN service providers were a lonesome pair of internet heroes doing this out of sheer care and integrity for individual privacy, they could not afford to do that unless someone was funneling cash to them from the outside.

    The same is with free VPNs. Their services are either slow and unsecure or they’re getting their money elsewhere – usually by collecting and selling your data.

    Should I leave my VPN on all the time?

    Yes. Ideally, you should always be using a VPN. Not only are cybersecurity threats much more common than people tend to think, but your data collected by third-party websites is extremely valuable.

    By using a VPN when you connect to the internet, your device, network traffic and browsing activity remain protected at all times.