10 things we wish more VPNs would do

Most VPN providers do their best to deliver the core features that customers expect: plenty of locations, decent speeds, simple clients, and fair pricing.

While that all sounds great – and of course it’s far from a bad thing – we don't think it's enough. These are the most basic technical aspects of a service, features you're entitled to get from every VPN. And you should have higher expectations from providers – companies who want to secure you as a subscriber must do more to win you over.

Such as? Good question. We've come up with 10 little-used VPN ideas that could help any provider deliver the service users need and expect.

1. Tell us who they are

Every time you use a VPN you're entrusting it with some of your most important details, but many providers do absolutely nothing to show they deserve this trust. Often, you won't know who runs the provider, where it’s based, and indeed whether there's a real company behind the service, or it’s just some guy or gal reselling other people's kit from his or her bedroom.

The solution is simple, at least for genuine providers: stop hiding. Your service is supposed to be about preserving our anonymity, not yours.

So, make some changes. Add an 'About' page to the website to explain how the company started. Not with the usual vague "we're a group of privacy experts who decided to build the best VPN ever" line, but real details. Give us a name or two. Tell us when you started, where you're based, what you've done, give a contact email for questions and reply – quickly – to any messages received. You get the idea.

2. Present products clearly

Too many VPN websites cram their front pages with generic service benefits you understand already, ('we encrypt your Wi-Fi connection!', 'we give you a new IP address!'), while some of the most basic details, like the number of locations they support, might be hidden away on another page.

Searching the site won't always help. We often find providers spread information about specific topics all around a site, so for instance you might find a couple of sentences about logging on the front page, more details in a FAQ, another take in a blog post and a contradictory view in the small print. Which is correct? There's usually no way to tell.

We think there's a better way of doing things, and it starts by making all the key essentials visible on the front page: the number of locations, countries, how many devices you can connect, the monthly and yearly prices, and any other standout features for that provider.

Keeping the rest of the website well-organized and consistent is equally important. Details on any topic should be easy to find and always kept consistent and up-to-date, ensuring users are never left guessing about any aspect of the service.

3. Shout about their achievements

A quality VPN provider needs to show it's active, has real technical expertise and is always working to improve the service. The key word there is ‘show’ – we don't want to read empty claims on the website, but instead see real evidence that this is an active company which knows what it's doing.

This starts with the provider's public face. Social media, blogs and news pages should always be kept up-to-date. Not just with pointless filler, either, like repeated discount offers or retweets of other sites. Give us useful content, maybe expanding on a support issue, pointing users at a relevant new open source tool, or anything else that shows you understand what we need.

We'd also like to see separate logs of every major service improvement. Always adding locations, for instance? Have a page which records every new server and when it was added. Maybe you've updated a client, or added a new support document? Again, have pages for each which detail what you've done, and when. Most users may never check them out, but anyone who does will see how much you're doing to enhance and improve the service.

4. Team up with other providers

Most VPN providers offer only their core service with minimal frills or extras. If anyone does stray into another area, maybe implementing some kind of service to block ads or malware, it's usually very basic and less effective than similar products you can download and use for free.

This seems odd to us. VPNs are big business with cross-platform appeal, so why don't the top providers team up with other companies to offer you more and better features?

Some antivirus products now include VPNs, for instance. What if this could work the other way round – for example, a VPN provider could team up with an antivirus company to licence some top-quality URL filtering or firewall technology.

If nothing else, VPN outfits could give you better deals on related services from security suites to remote working services and Usenet providers. VPN users are experienced and knowledgeable as a group, and generally speaking they’re interested in security and often have money to spend, so giving them more options and choices will benefit everyone.

5. Offer PAYG pricing

Paying for a VPN normally forces you to choose from a couple of options: either you go for an overpriced monthly plan, or to get the best price you're forced to buy a full year's service upfront. These aren't exactly flexible options, and neither will appeal to light VPN users.

We'd like to see more alternatives, especially pay-as-you-go schemes. Why not allow users to buy, say, a 100GB block of data which doesn't expire at the end of the month? It works with Usenet services (and in other areas), and we think it could be a welcome option with VPNs, too.

6. Provide an honest and complete privacy policy

VPNs are all about privacy, so why is it that so many service privacy policies tell you almost nothing about what data is collected, and how it's used?

We'll tell you why. It's because many providers think a privacy policy is just a place to repeat the general ‘we don't have any logs, no, really’ pledge from the front page, or maybe copy and paste some generic policy template they've copied from another site. And they couldn't be more wrong.

A good privacy policy should be detailed, clear and complete, discussing everything a service does and doesn't collect, and explaining why and how it's used. Crucially, there should be no loopholes, no ambiguity, no need to interpret the text, or guess what was meant, or wonder what may or may not be logged. If the text doesn't give the average user a complete picture of what's happening, it's not good enough.

That's difficult. No – it's really, really difficult. But it's also worth it, even if the policy ends up explaining that, for instance, there's some minor session logging. What's more important is that a provider is indicating that it’s honest, transparent and worthy of the user's trust, and that's what people will take from it overall.

7. Accept Bitcoin

If a VPN says it's a fan of anonymity and privacy, then maybe it shouldn't ask us to pay by card, and log our IP address, and store our payment details indefinitely. And then claim to protect those details with some generic clause along the lines of ‘we promise not to share them, ever, unless we really have to, but it'll all be fine, honest.’

Here's a better approach: just accept Bitcoin. It’s easy enough, at least for those already using it. There are already quite a few good providers using Bitcoin, if you're interested (for example ExpressVPN, VPNArea, IPVanish), but we'd like to see many more.

8. Allow anonymous signups

No matter how clear and detailed a VPN’s privacy policy might be, it's not an absolute guarantee of anonymity. The reality is it's still just a form of words, and you can't be completely sure a provider will deliver what is promised.

That's why VPNs should provide an extra layer of protection by allowing truly anonymous accounts. Don't ask for names, countries, phone numbers, not even email addresses – none of that is absolutely necessary.

Allow Bitcoin payments, as we suggested previously, and users become much safer. Even if an internet action is linked back to their account, there's little or no data which links the account back to them.

Unrealistic? Nope – Mullvad does it right now. Try it: go to the Mullvad site, click Get Account, complete the CAPTCHA and click Generate Account Number. That creates the ID that represents your account instead of an email address, and you can immediately download a client and sample the service for free with a brief three-hour trial.

9. Offer a VPN router

Most VPNs love to boast that you can use the service on ‘all your devices’, but this isn't always easy. You'll need to separately install clients on every mobile, desktop PC and tablet – maybe set up OpenVPN on unsupported devices – and then figure out how to manually set up smart TVs, game consoles and whatever else you need to use. All while trying to avoid falling foul of the VPN's limit of maximum simultaneous connections.

All of this could be avoided if providers would offer VPN routers. Getting started becomes as easy as plugging the new router into your old one and providing your account ID. Once it's authenticated, the router appears on your local list of wireless networks and you can log in as usual from any device.

This ease of use will come at a cost, and we don't just mean the hardware. Many providers sell accounts for single users only, and a setup which encourages whole families to use the service is going to be more expensive. But that will be a price well worth paying for some people, and we'd like the option to be available.

10. Provide a support forum

There are two ways to get support from a typical VPN provider. First you'll search an underpowered web knowledgebase for the answer, and when that fails – as it usually does – you'll have to contact the support team directly and wait minutes, hours or days (who knows?) for a reply.

We would like to see providers offer a support forum, too. This takes careful management – users should be encouraged to post in the forum, but not so much that it's flooded with vague "it doesn't work, help!" messages from folks who never return – but get the balance right and there are real benefits here.

A good forum allows everyone to see current issues, for instance. You can learn from questions asked previously, and maybe diagnose problems you didn't properly understand before. And it shows some real transparency, as the provider is allowing you to see problems users have and how they're addressed.