How to Choose the Right VPN
You Need an iPhone VPN
Apple has made iPhone security a number-one concern from the very beginning. As a result, you don’t see anything like the horde of malware attacks that exist for Android devices. You generally pay more for that added security, but you’ve got good protection in hand. It’s when you connect your device to the internet that things get dicey. If you’re not using a secure HTTPS connection, your data is exposed. Even if it is, snoops could learn a lot just by seeing what sites you visit, and where your connection originates. To fully protect your online activity, you need a VPN, or virtual private network. With a VPN’s protection, nobody can see or tweak your network traffic, not even the network’s owner. VPNs have other benefits too, as I’ll explain, so install one on your iPhone now, and don’t forget your other devices.
It’s true that modern cellular communication is thoroughly encrypted, not easily tapped unless you have access to police-level tools like the Stingray device, or data dumps from cell towers. Oh, it’s possible for bad actors to jam the secure 4G and 3G channels, forcing nearby phones to connect via insecure 2G to a briefcase-sized cell tower called a femtocell. In that scenario, the attacker has full access to all communication. But the likelihood you’ll suffer such an attack is vanishingly small.
The real day-to-day problem is Wi-Fi. When you connect to the free Wi-Fi at the public library, airport, coffee shop, grocery, or wherever, your security is in the hands of the hotspot owner. HTTPS connections should be safe, but a crooked network owner could sift through your less sensitive communications, and could track which sites you visit. Other users on a nonsecured network can also find ways to track your network traffic, if they’re clever. Even your own ISP can now aggregate and sell nonpersonal information, thanks to the current administration’s steady dismantling of online security. It’s a jungle out there!
It gets worse. Once you’ve connected with a hotspot, your iPhone’s default behavior is to connect with that same hotspot automatically next time it comes in range. However, there’s no verification of the hotspot other than the SSID (network name), and your iPhone broadcasts the names it’s looking for. It’s easy for bad guys to obtain a portable hotspot that listens for those broadcast queries and mimics every network name requested by nearby devices.
Note that the same dangers apply to that lightweight MacBook you’re carrying around. When you’re connected to Wi-Fi, you’re vulnerable. Be sure to install a Mac VPN before you head for the coffee shop.
Encryption and Location Spoofing
When your VPN is active, all your network traffic, whether from browsers, apps, or iOS itself, gets encrypted before it leaves your phone. This encrypted data stream travels to a server owned by the VPN company, where it’s decrypted and sent on its way.
Encrypted web traffic isn’t the only reason you need a VPN. With a direct, no-VPN connection to a website, your IP address not only identifies you to that site, but it also identifies your geographic location. Ad-trackers, snoops, and government agencies can use that IP address to track what you do online. When you’re using a VPN, however, the IP address that others see is that of the VPN company, not your own.
The best VPN companies maintain servers all over the world. On one hand, that means that when you’re traveling you can find a nearby server, and nearby typically means faster. On the other hand, you can spoof your location by choosing a server in a faraway country. Try doing that and visiting the Google website; you’ll find that it comes up in the language of your apparent location. Journalists embedded in repressive countries and political activists working against those repressive regimes have long relied on VPNs to communicate safely with the outside world. Of course, you may be breaking local laws just by using a VPN. For example, Russia has banned the use of VPNs, claiming a need to block terrorist activities. Russia is also working on a system to detach from the internet at large, ostensibly to protect against cyberattack.
Russia’s not alone. China banned the use of VPNs last year, though some still manage to connect. China’s internet censors have displayed their power by blocking use of the letter N. The big Chinese ISPs have been tasked with blocking unauthorized VPN use, while letting businesses continue to use their internal VPNs.
It’s not uncommon for online streaming services to offer content in one region, but not another. Offerings from Netflix and Hulu differ by country. Brits can watch BBC shows for free, while the same shows require a subscription in the US. Spoofing your location with a VPN can get you access to shows not normally available to you. But take care: Location spoofing may violate your terms of service. In addition, companies like Netflix are cracking down on VPN users. More often than not, streaming isn’t an option when your VPN is running.
Despite Wi-Fi and cellular security issues, privacy concerns, and the other potential benefits of location spoofing, too few people protect themselves and their traffic with a VPN. In fact, in our survey on VPN usage, 71 percent of respondents had never used a VPN. If you fall into that group, don’t worry! We’ve got a whole feature on how to set up and use a VPN.
What an iPhone VPN Can’t Do
The connection from your device to a VPN server is totally secure, but the same can’t always be said of the connection from the VPN server to the website you’re visiting. If it’s a plain old HTTP website, the back-and-forth between the site and the VPN server isn’t protected, and might conceivably be intercepted. If the site uses secure HTTPS, on the other hand, your interaction is encrypted from end to end, but a snoop could still learn where your data is going.
Even with no VPN, your connection to a site that uses HTTPS, as Google wants every site to do, is encrypted. Of course, that HTTPS connection does nothing to hide your IP address. For the best security, use your VPN and also connect using HTTPS whenever it’s available.
While the data going to and from your VPN server is encrypted, using a VPN doesn’t get you the level of anonymity obtained by connecting through the TOR network, nor the concomitant ability to dive into the scary depths of the Dark Web. On the plus side, some VPN services include TOR-specific servers as an option.
It’s true that iPhone users have less to worry about when it comes to malware (but don’t get too complacent). However, you can still be duped by a phishing website into giving up your security credentials. A few iPhone VPNs promise to strip out fraudulent sites, malicious sites, and (in some cases) advertising from the data stream that pours into your iPhone. Just don’t rely too strongly on these, as in most cases they do the job using a simple blacklist. Phishing websites come and go ephemerally, and often vanish before they ever get blacklisted.
Testing iPhone VPN Performance
Suppose your business involves shipping goods back and forth between City A and City B. If you add a requirement that they go off to City C for a security check in the middle of each run, the trip will naturally take longer. The same is true when you stick a VPN server in the middle of your connection to a website. Things almost always take longer.
Before starting our VPN speed tests, we disable the cellular data network by putting the phone in airplane mode and then enabling Wi-Fi. The cellular connection isn’t as stable, and it’s also much more difficult to attack than Wi-Fi, as mentioned earlier. We test all of the products on the same iOS device, running the latest version of iOS.
For testing purposes, we use Ookla’s internet speed test tool. (Note that PCMag’s publisher, Ziff Davis, also owns Ookla). We average a series of tests, discarding the lowest and highest results. Then we immediately enable the VPN, connecting to whatever it recommended as the fastest server, and repeat that test. By comparing averages with and without the VPN active, we derive a score based on the percent change.
Ping latency is the time it takes for your device to query a server and receive a response. If that query must go through the VPN, latency typically increases, sometimes by a little, sometimes by a lot. However, we measure latency in milliseconds. Unless you’re playing a fast-paced online game where extra milliseconds of lag can get you fragged, you won’t notice a modest increase in latency.
A drag on download speed, on the other hand, will probably draw your attention. If downloading a new app takes twice as long, that’s not good. And slow download speeds can cause streaming videos to pause or stutter. Fortunately, few of the iPhone VPNs we’ve tested had a big impact on download speed. In fact, one of them actually sped up downloads in testing.
When’s the last time you uploaded a big file from your smartphone? Right, it’s not a common activity. A drag on upload speed due to the VPN isn’t likely to bother anybody. In truth, while all the iPhone VPNs we tested had some effect on upload speed, even the worst of them wasn’t bad.
For this batch of reviews, we performed all the iPhone speed tests on exactly the same device and network, over the course of just two days, but that doesn’t mean we’d get precisely the same results on a different day, nor that you would get the same results on another network. The extremes would probably remain extreme, but other results could well vary. In addition, for most people, speed shouldn’t be the only factor in choosing a VPN. A convenient interface, a wide selection of servers, useful advanced features—these are also important considerations.
Can You Trust Your VPN Service?
If you’re using a service to route all your internet traffic through its servers, you have to be able to trust the provider. Established security companies, such as F-Secure, may have only recently come to the VPN market. It’s easier to trust companies that have been around a little longer, simply because their reputation is likely to be known. But companies and products can change quickly. Today’s slow VPN service that won’t let you cancel your subscription could be tomorrow’s poster child for excellence.
We’re not cryptography experts, so we can’t verify all of the encryption claims providers make. Instead, we focus on the features provided. Bonus features like ad blocking, firewalls, and kill switches that disconnect you from the web if your VPN connection drops, go a long way toward keeping you safe. We also prefer providers that support OpenVPN, since it’s a standard that’s known for its speed and reliability. It’s also, as the name implies, open source, meaning it benefits from many developers’ eyes looking for potential problems.
In evaluating VPNs, we give special attention to the privacy practices of VPN companies and not just the technology they provide. In our testing, we read through the privacy policies and discuss company practices with VPN service representatives. What we look for is a commitment to protect user information, and to take a hands-off approach to gathering user data.
As part of our research, we also make sure to find out where the company is based and under what legal framework it operates. Some countries don’t have data-retention laws, making it easier to keep a promise of “We don’t keep any logs.” It’s also useful to know under what circumstances a VPN company will hand over information to law enforcement and what information it would have to provide if that should happen.
While a VPN can protect your privacy online, you might still want to take the additional step of avoiding paying for one using a credit card, for moral or security reasons. Several VPN services now accept anonymous payment methods such Bitcoin, and some even accept retailer gift cards. Both of these transactions is about as close as you can get to paying with cash for something online. That Starbucks gift card may be better spent on secure web browsing than a mediocre-at-best latte.
Even the best privacy practices can’t protect against failures by third-party providers. The well-regarded NordVPN suffered a breach that was traced to a single leased server managed by a third-party company. NordVPN has beefed up security, hired a penetration-testing team to work alongside its own experts, and scheduled a full security audit. The company also announced a bug bounty program. TorGuard got caught up in the same breach, but can’t report full details due to a pending lawsuit against…NordVPN.
VPN Features and Extras
The features to look for in a VPN depend on the way you intend to use it. If you never travel abroad and don’t feel the need to pretend you’re surfing from Amsterdam, the most important features for you are a convenient interface and a big selection of servers in the US. Conversely, if you’re a globetrotter with a need for a secure connection from just about anywhere, you’ll look for a VPN provider whose server locations cover all the continents.
For those protecting their Windows or macOS desktops with a VPN, the availability of specialized servers for BitTorrent and P2P file sharing may be a deciding factor. However, in our experience, using BitTorrent or P2P on a mobile device is much less common.
Here’s a distinction that may matter more to us than to the average user. There are many protocols available to protect a VPN connection, and our favorite at PCMag is OpenVPN. It’s open-source, so many experts have vetted its security. It’s also fast and effective. And…hardly any iPhone VPNs use it. Why? Because Apple would prefer developers use the default IPSec or IKEv2 protocol, so any app that uses OpenVPN must go through even more vetting than usual.
Finally, there’s the bang-for-your-buck factor. While it’s possible to get a VPN for free, most free services either put a draconian cap on bandwidth or serve up ads. Prices for the iPhone VPNs we’ve examined range from less than $7 to more than $12 per month, typically with a discount if you pay for several months or a full year. That subscription typically lets you install protection on five or ten devices, though a few VPN tools put no limit on the number of devices.
Get the Right iPhone VPN
There’s little need to go searching the Apple store for an iPhone antivirus utility to go with iOS 13. Malware coders focus on the low-hanging fruit, meaning the relatively insecure Windows and Android operating systems. But using a VPN isn’t about protecting your device; it’s about protecting your information, and your network connections. You need a VPN no matter what type of device you use. Read our reviews, check our ratings, and select the VPN that’s best for you. Once you’ve chosen a service, be sure to read our guide on how to set up and use a VPN.
Editors’ Note: IPVanish is owned by j2 Global, the parent company of PCMag’s publisher, Ziff Davis.