As you probably know, a VPN encrypts your connection to the internet to give you online privacy and anonymity. Security, though, is a somewhat ambiguous word when it comes to VPNs.

A secure VPN should not simply protect your activity and data from prying eyes, but it should also keep no logs of that activity and offer a secure payment method which doesn’t compromise your anonymity.

Whether a VPN is secure or not in your eyes will also depend upon your priorities and why you want to use a VPN. If you’re trying to avoid detection by your government of your accessing otherwise banned websites, you’ll want to use a service that hides your encrypted traffic among normal HTTPS traffic.

If you simply want to unblock a video streaming service in another country, security and privacy isn’t quite as critical. 

Is a free VPN secure?

First, a quick word about free VPN services. While they exist, we don’t recommend using them if security is your top priority. The VPN service itself may well be secure, but companies don’t offer a free service if they’re not getting something in return. Check very carefully over the Ts & Cs, and the privacy policy as you might find that your details are sold to third parties in exchange for allowing you to use the service for nothing.

What makes a VPN secure?

Protocol

OpenVPN is widely regarded as the protocol to use if you want the ultimate security. Others, such as L2TP and PPTP are being discontinued because they’re not as secure.

Double up on security

If you want even better security than OpenVPN, look for a VPN service that offers ‘double VPN’ such as NordVPN or you can combine a VPN with the TOR web browser for a similar effect. ExpressVPN is one of many services which support this.

Most secure VPN

Kill switch

If the connection to the VPN server is dropped unexpectedly, it means that the information being sent and received is no longer encrypted. Many VPN services offer a kill switch which will automatically halt all internet traffic should this happen.

Most secure VPN

Kill switches aren’t all identical, though, and some will only stop the internet connection for certain apps (such as your web browser) while others will put a complete block on traffic to all apps, even the operating system.

NordVPN has two kill switch settings, as shown above. You can enable the 'kill the entire connection' switch or you can use the App Kill Switch and choose which apps have their internet connections terminated should the VPN tunnel collapse.

PureVPN has a system-wide kill switch and CyberGhost offers a customisable switch that kills just apps you choose.

Secure payment

If you really don’t want to be identified, then you won’t want to pay for your VPN service with your credit or debit card. This identifies you personally, and makes you traceable. Instead, look for a VPN service that lets you pay anonymously. Some even allow you to pay with gift cards, such as PureVPN whose payment options are below. Gift card payment is ideal for anonymity.

ExpressVPN, by contrast, doesn't allow you to pay with gift cards.

Most secure VPN

Obviously, it's also a good idea to use a dedicated email address to sign up to the VPN service - an address which you don’t use for anything else.

Zero-logs policy

Another thing you should consider is the logging policy. For the best security, you should with a service that keeps no logs whatsoever. That means there is no record of when you connected to the service, how long you were connected and which sites or servers you used.

Virtually all of the VPNs we've tested have such a policy, and those which kept some logs as recently as 12 months ago have updated their processes to bring them in line with competitors.

Here are some VPNs which have a no-logs policy:

For more, read our roundup of the best no-logs VPN services.

Where is the service based?

Certain countries share information with each other, and that’s why, for the best security, you’ll want to pick a VPN that’s located outside of the so-called “14 Eyes”.

If a VPN service is based in one of these 14 countries, it can be asked to share data of its customers and will legally have to comply.

In theory, so long as that provider has a zero-logs policy, there shouldn’t be any information to share and so your activity remains private. But for peace of mind, choosing a VPN provider that isn’t based in the USA, Canada, Australia, NZ or Europe is probably a good idea.

For reference, these are the 14 Eyes:

  • Australia
  • Canada
  • New Zealand
  • United Kingdom
  • United States
  • Denmark
  • France
  • Netherlands
  • Norway
  • Germany
  • Belgium
  • Italy
  • Sweden
  • Spain

Many VPN providers are based outside of the 14 Eyes, including:

For more VPN recommendations, see our roundup of the best VPN providers and check out our tips on how to make your VPN more secure.