What is a VPN? - How virtual private networks keep you safe in 2024

Virtual private networks (commonly referred to as "VPNs") are a popular security tool, used to hide your internet usage from cybercriminals and unblock content around the world—or at least, the best VPN services do.  If you're one of the many who aren't quite sure what a VPN is, you're not alone. 

VPNs have become more mainstream over the past few years—with the boom in streaming popularity during the pandemic lockdowns, more and more people now use them to watch their favorite shows in total privacy, anywhere in the world. 

To help you stay safe online and make the most of the internet, our experts explain will answer "what is a VPN?" and break down everything you need to know about virtual private networks in plain language. We've also included an alphabetized glossary at the end of the article to help you navigate some of the most common terms you'll see when reading about VPNs.

The best VPNs today

If you're looking to protect yourself right now, we've included our three best VPN service recommendations:

1. ExpressVPN: the best VPN service in 2023

1. ExpressVPN: the best VPN service in 2023
ExpressVPN offers easy-to-use apps, lightning-fast speeds, peerless quality, and reliable content unblocking—all with 24/7 customer support. It even comes with a built-in and reliable password manager to make life simpler. 

It's pricier than competitors like NordVPN, but ExpressVPN makes up for it by offering 1 year of unlimited cloud storage and 3 months of extra protection for free on a 12-month subscription. With a 30-day money-back guarantee, you can put it to the test without risking a penny.

2. NordVPN: the best VPN security suite
NordVPN offers an all-in-one VPN solution with built-in ad blocking and malware protection as standard

2. NordVPN: the best VPN security suite
NordVPN offers an all-in-one VPN solution with built-in ad blocking and malware protection as standard. Combine that with rapid server speeds, lots of customization, and fantastic features, and you can see why it's a close runner-up to ExpressVPN. 

While NordVPN isn't the best VPN for torrenting, its greatest strength is streaming, and it currently tops our list as the best VPN for Netflix. Take advantage of NordVPN's, 30-day money-back guarantee and see how it compares to ExpressVPN totally risk-free.

3. Surfshark: the best cheap VPN

3. Surfshark: the best cheap VPN
Surfshark keeps giving us reasons to recommend it. It's a high-value, low-cost option that's easy to use, packed with security features, and easily unblocks restricted content abroad. 

With servers in over 100 countries, you can stream your favorite shows from almost anywhere. Best of all, Surfshark costs as little as $2.30 per month, and it comes with a 30-day money-back guarantee to try it out.

What is a VPN?

A VPN creates a private network just for you—linking your device to a secure server elsewhere in the world. In doing so, it encrypts your data—encoding the information so no one can spy on what you're doing.

The servers are usually owned by the VPN providers, but it's not uncommon for some of the lower-ranking providers to rent servers. Renting servers usually means slower speeds, less bandwidth control, and sometimes even potential security risks. So it's important you pick the right service rather than picking one at random.

By routing your internet traffic through a remote server, it replaces your IP address (your device's digital signature), making it appear as though you're accessing from that particular place. For example, if I connected to a server in New York, USA, it would appear as if I were physically located there, rather than here in England. You can do that for any country where your chosen VPN offers.

By connecting to a VPN, websites, apps, and services see requests coming from the VPN server, rather than your own device, making it almost impossible for cybercriminals, websites, advertisers, and even governments to track what you're doing.

How do VPNs work

Whenever you go online, your device—whether that be a computer, laptop, smartphone, game console, or anything else—is constantly sending out data requests and receiving information back. Your browser might send a request to Twitter or Facebook for a particular account, for instance, then receive the latest page.

Some of this data can be seen by your internet service provider (ISP), and if you're using a public Wi-Fi hotspot, or even Wi-Fi that isn't your own, it can be intercepted by the hotspot operator or any nearby hacker. 

The website you're visiting may also be able to find out much more about you, including your approximate location, browsing activities, device information, and even your personal data.

Infographic showing how a VPN works

VPNs channel all of your internet traffic through encrypted tunnels so that it can't be seen by hackers, governments or ISPs (Image credit: ExpressVPN)

VPNs use encryption protocols: specific instructions designed to make your data unreadable to anyone that doesn't have the decryption key—usually your device and the website that you're trying to access. There are plenty of protocols out there, and some providers even create their own (such as ExpressVPN with Lightway, and NordVPN with NordLynx), but the most common ones are:

The combination of encryption and routing your traffic through a VPN server creates a tunnel for your data, hiding your real data from snooping third-parties. Those same websites that would otherwise see all of your information, now see the information of the VPN server, and are none the wiser.

That hacker sitting in the corner of the coffee shop setting up a "free Wi-Fi" hotspot won't be able to see what your information as they comb through the traffic. Instead they'll just see a scramble of letters, numbers and symbols that make no sense whatsoever, and would take an eternity for them to crack.

In short: a VPN works by keeping your real information hidden—protecting your identity, and spoofing your location to let you access apps, sites, torrents, and content anywhere in the world, with total peace of mind.

What are the VPN benefits?

Online security: connect to a VPN on your computer, phone, or tablet when using public Wi-Fi and its encryption hides everything you're doing online, immediately protecting you from hackers, rogue hotspot operators, and others who might want to steal your personal information.

Bypass web censorship: sometimes, a network prevents access to specific sites—your school might block YouTube, for instance. Connect to a VPN, and the network can't see the sites you're visiting anymore. That means it can't block them, either, and you'll be able to browse the web as usual.

Similarly, visit a country where content is censored, and you might find social networks, international sites and other areas of the web are unavailable. But again, connecting to a VPN means the censorship systems can't see or block the sites you're visiting, and you can access whatever content you wish.

Get around geo-blocking: streaming sites often restrict content to viewers in particular countries, a strategy known as geo-blocking. If a show is only on US Netflix, for example, you won't be able to view it in the UK. Connect to your VPN's New York server, though, and Netflix may think you've relocated, and allow you to stream whatever US-specific content you need (although you should note that some providers work better than other VPNs for Netflix).

The same goes for live-streaming. If there is a sporting event happening on TV in your home country, but you happen to be abroad on holiday, it's 99% likely that the broadcaster will geo-block that coverage. Using a VPN, you can change your location so your laptop, tablet, phone, or TV streaming device thinks it is back in your country. That should let you watch as normal.

Travel: using a VPN to get to a new virtual country can bring financial benefits. Flights, hotel rooms, and all kinds of web services may be priced very differently around the world, and appearing to be in a different country could get you a much better deal.

Anonymity: simply connecting to a VPN immediately makes you more anonymous online, helps to conceal your identity from websites and advertisers, and reduces the chance of anyone tracing a particular internet activity back to you.

How can’t a VPN improve my life?

Complete anonymity: even the best VPN services can't protect you completely in every situation. If you log into an online account, then that site knows exactly who you are—whether you're using a VPN or not. Websites use cookies and other tricks to recognize you and log information about your activities. VPNs help, but they don't guarantee total online anonymity. 

On top of that, while a VPN service provides safety in numbers, it is in no way a guarantee of total anonymity. If a provider is served a warrant and gag order by authorities, they may be forced to log your activity without telling you. This is a very rare occurrence, and some providers have even gone to court to prove their claims. Like PIA, who proved its no-logs policy not once, but twice.

Avoiding malware: there are an increasing number of VPNs with virus protection and vice versa—see our list of the best internet security suites—virtual private networks can't themselves deter or erase viruses, malware, or online scams. For that, you'll still need a suitable antivirus program (even a free antivirus is better than nothing).

Getting free TV streams: you may see many providers talking about how they're a great VPN for streaming and, as described above, that's true enough when it comes to watching overseas shows and sports. But a VPN won't suddenly give you a free account for Netflix, Disney Plus, Amazon Prime Video, or any other paid-for streaming service.

What devices can a VPN run on?

Custom apps: it's typically straightforward to use a VPN on desktops, laptops, mobiles, and tablets, even if you're a total beginner. Most VPN providers have software for Windows, Mac, Android, and iOS, and getting started can be as easy as installing the appropriate app for your device.

Some providers have support for other platforms. They might have apps for routers, Amazon Fire TV, Android TV, Chrome OS, Linux, and more. That's handy if you're unblocking US Netflix or other content, as you're able to stream it directly on your smart TV. 

Manual setup: the best VPNs have detailed guides on setting up their services on other devices. Take ExpressVPN, for example. It doesn't just have a powerful range of mobile and desktop apps, it also has setup guides for Apple TV, Chromebook, Nvidia Shield, PlayStation, Roku, Xbox, LG, and Samsung Smart TVs, and more.

NordVPN being used across numerous different devices

VPNs can be used on computers, laptops, mobile, routers, TV streaming devices and games consoles (Image credit: Future)

How many devices can I protect with a VPN?

Most providers allow you to set up the VPN on as many devices as you like, but there is one potential catch: they'll often restrict the number of devices that can be connected at the same time. This limit can be as low as five, so if your family is sitting around the smart TV, two using the VPN on mobiles, and two on apps, all while you're streaming US Netflix, you won't be able to connect another device until you disconnect one of the others.

If this might be a problem, look out for VPNs that give you extra support. Many now support ten simultaneous connections, and some have no fixed limits at all (like Surfshark). Most providers clearly display their limit on the website, but they might describe it in one of two ways: "we support up to five devices", or "we support up to five simultaneous connections." That wording is key, because some providers offer an active install limit, rather than a simultaneous device usage limit.

How much does a VPN cost?

Average pricing: premium VPNs range anywhere from around $2 to $12 a month, largely depending on the length of the subscription. Free VPN trials are available from most providers (often in the form of a money-back guarantee) if you'd just like to see how the technology works.

One thing to be aware of is that although VPN providers mostly always show their pricing in terms of monthly cost, they will still charge you the full price upfront when you sign up.

VPN plan lengths: commercial VPN companies typically offer monthly and annually billed plans, with some offering subscriptions of up to five years. In most cases, the longer the subscription, the better value you'll see.

Monthly plans are typically priced at $10 to $13. Pay for a year up-front, and this usually drops to around $4 to $8. Sign up for a long-term plan and there are even more savings to be found. The likes of PureVPN and Ivacy have been known to charge less than $2 a month for plans of three to five years, and occasionally, we've seen other providers ask for less than a dollar a month.

These ultra-low headline prices might catch your eye, but think carefully before you sign up. A good VPN needs numerous fast servers, knowledgeable developers to write top-quality apps and keep them updated, and expert support staff available 24/7 to help you solve any technical issues. That's expensive, and if a VPN isn't charging enough money to cover everything it should be doing, that's inevitably going to compromise the quality of the service.

Here's an up-to-date list of the best VPN deals currently being offered by today's top providers:

Free VPNs: some VPNs are entirely free and unrestricted. These have a lot of appeal but beware: free VPN apps have previously been used to install malware, log your browsing history, inject ads into web pages, and more. Even if the provider is entirely honest, providing fast and reliable service with regularly updated apps and helpful support is expensive. No free VPN can compete with the top paid providers.

How to choose a VPN

There are several factors to consider when you're choosing a VPN, and their importance will depend on what you'll be using yours for—so think about what you want to do with it before you buy.

A VPN with a large server network is a good sign, but check whether they have them in the locations you care about. If you're planning to use your VPN on a multitude of laptops, mobiles, streaming devices, and routers at once, then make sure that there are enough simultaneous connections to cover them all.

If you want to use your VPN for streaming, then check that it unblocks your favorite streaming service, while keen torrenters will want a VPN with plenty of P2P servers and a working kill switch.

Of course, there's the price to consider—more expensive doesn't always mean better, and there are some great value options available on this list. And you can always give the best VPNs a whirl with a free trial, too.

Are VPNs legal?

VPNs are legal to use in most countries worldwide, but there are some exceptions: Iraq, North Korea, and Turkmenistan all ban VPNs entirely. China allows you to sign up for a VPN, but only if it's a government-approved provider. The UAE, Oman, and several other countries have regulations that may make some VPN use illegal. Russia and Turkey haven't outright banned VPNs, but they may block access to some VPN servers and provider websites.

This isn't an exhaustive list, and the rules may change at any time as countries introduce new regulations. The key point to remember is it's your responsibility to understand the rules, so do some research before you travel.

Although VPNs are entirely legal in North and South America, Western Europe, Oceania, and most of the rest of the world, there are a couple of points to keep in mind.

First, VPNs are often used to fool streaming platforms into thinking you're in another country, for example allowing you to access US-only Netflix content from anywhere in the world. That's not illegal, but the streaming companies don't like it, and some say they might close your account if they catch you doing this. 

Note: it's very unlikely to happen, but be careful—don't complain to Netflix's customer support if a VPN doesn't work.

The second is that even where VPNs are legal, they're still often used for illegal activities. If you share copyrighted material, hack a network, or sell on the dark web, then you can still get into trouble if you're caught. If in doubt, check the VPN provider's terms and conditions page—there's almost always a list of activities it doesn't allow.

Remember: for the most part, it's not the VPN that's illegal, it's what you're doing with it that might be.

VPN networks across the world

VPNs are mostly legal around the world, but there are exceptions. including Iraq, North Korea, and Turkmenistan (Image credit: Pixabay)

Are VPN services trustworthy?

We believe the top VPNs are trustworthy, and doing their very best to protect you and your privacy.

Secure technology: you can see this in the comprehensive technologies they'll develop to keep users safe. ExpressVPN's TrustedServer scheme uses multiple layers of protection to ensure every server is running using the same software, for instance, making it far more difficult for an attacker to compromise. 

Even if we imagine a movie-type scenario where a hacker breaks into the ExpressVPN offices and tries to insert a secret back door into the server code, that still wouldn't be enough. The system won't accept changes until a developer has gone through authentication to prove their identity, and the code has been reviewed by someone else.

VPN audits: many providers are increasingly demonstrating their privacy credentials by putting themselves through third-party VPN audits. Typically, these allow experts from respected names like PricewaterhouseCoopers, Leviathan, and Cure53 to inspect a provider's apps, check their servers, look at source code, run in-depth technical tests, and generally confirm they're protecting your data in the ways they claim. Check out our guide on what a VPN audit involves to find out more.

Audits are helpful because they're not just about catching fraudulent VPNs that might log your browsing: they can also confirm the apps and servers are working properly and don't have any bugs or other deficiencies which might leave you exposed.

These steps can't guarantee a VPN is safe, but they're a very positive indicator. And although it's important to look for a trustworthy VPN, it's worth keeping the issue in perspective. Password managers, web hosts, cloud backup companies, and many other services also have huge responsibilities when it comes to looking after your data, but most make little effort to prove they're doing this properly. The best VPNs do considerably more to reassure potential customers and show how they're protected.

Do VPNs affect performance?

Connect to a VPN and the service must encrypt and decrypt your traffic, then route it through the VPN server. The extra overhead is likely to reduce your internet speeds. Distance matters, so the effect will be even more noticeable if you're using a server on the other side of the world.

But in reality, you're unlikely to see any significant difference when using a good premium VPN. We fully test VPN performance in our reviews, and the top providers deliver very high speeds just about everywhere. You should have no trouble with browsing, streaming, or any of your regular web tasks.

There's a possible exception with online gaming, where it's vital to have the best possible speeds. But you can turn off the gaming VPN temporarily to restore your normal performance. 

Alternatively, some VPNs have a feature called "split tunneling," which allows you to specify apps that bypass the VPN and use your regular connection, instead. Set this up, and you could have most of your traffic protected by the VPN, but allow your games or other performance-sensitive apps to connect as normal for the maximum possible speed. 

Illustration of a man with a laptop sitting on a speedometer

If you use a good VPN, you're unlikely to notice any impact on your device's performance (Image credit: Shutterstock)

What free VPNs are available?

Some commercial VPNs have limited free plans. PrivadoVPN, Proton VPN, Atlas VPN, Hide.me, Windscribe, and others all allow you to sign up and use a basic version of the service at no cost, for as long as you like.

These free versions often have significant restrictions. Most limit your data use to around 1GB to 10 GB per month (although ProtonVPN's free plan supports unlimited usage.) You often won't get access to all a VPN's locations; some free VPNs don't allow you to choose a location at all, they select the nearest for you. And they may omit significant features, such as the ability to unblock streaming sites.

These limited free plans could be enough for simple tasks, though. Even if you can't live with the restrictions for long, they're a convenient and risk-free way to try out a VPN app, and see how its apps work for you. They're also far more trustworthy than most of the anonymous free competition because you can clearly see who runs them, how they're funded, read detailed privacy policies, and generally understand more about how they work.

The dangers of free VPNs

Search for "VPN" on Google Play, and you'll find apps from more than 200 providers, with many being entirely free. It's easy to wonder why you'd ever use anything else, but our testing and experience show these smaller VPNs usually aren't worth the gamble.

Many seem untrustworthy, for instance. They don't tell you who runs them. They may not have a website. Some are only contactable via a generic Gmail address. They don't tell potential users anything about the encryption or other technologies they use. In some cases, we've even noticed providers who steal the privacy policy from a legitimate VPN and pretend it's their own.

Even if a free VPN is honest, use the service, and you're likely to pay in other ways. Constant ads, for instance, every time you do anything on the app. And with all the surrounding waiting, you might have to do it because you're connecting to an overloaded server with far too many users.

Yes, true, they're free, but is it really worth trusting your internet activities to a dubious-looking provider, just to save the $2 to $4 a month you might pay for some legitimate and high-quality commercial servers? We say not—especially with the quality on offer from the best cheap VPNs.

If you have zero budget and there's no other option, free VPNs might just about work for unblocking Netflix or other streaming sites. But don't leave them connected (or, ideally, even installed) when you're using the web for anything else, and don't ever use them to protect anything privacy-critical.

How to avoid dodgy VPNs

You're using a VPN because you don't trust your websites and ISP with your data, and that makes sense. But are you sure you can trust your VPN? Are you positive it's not logging your online activities, and selling them off to the highest bidder?

VPN providers know this is a big concern, and most claim that they don't keep logs of the websites you visit, the files you download, or any other details of what you're doing online.

These are reassuring words, but can you really trust them? If a provider is logging and selling your browsing history, it's unlikely to admit this on the website.

To be really safe, it's best to pick a VPN that has put its services through a VPN audit as described above. Many of the best providers are already doing this, calling in independent experts, allowing them to inspect their systems, and verifying that they're living up to their privacy promises.

VPN terminology glossary

AES encryption: a secure form of encryption that defines how to encrypt and decrypt your data. First established in 2001 by the U.S. National Institute of Standards and Technology (NIST), AES now represents the global standard of encryption. 

From messaging apps like WhatsApp and Signal to privacy software like VPN services, it is now employed for a vast array of technologies. You might have come across different denominations like AES-128, AES-192 and AES-256. The number at the end relates to the length of the cipher’s key. As a rule of thumb, more bits make for stronger encryption. 

Browser history: the list of all the web pages you access with your browser, together with some other metadata like the page title and time you visit the site. Even though your web browsing history is generally locally stored, cookies and other web trackers associated with the pages you visit may collect some of your personal information. The good news is that secure browsers offer a private browsing or incognito mode for extra privacy. This means that both your browsing history and data associated with the session are never recorded. 

Dynamic multi-point VPN: a routing technique generally used by organizations to create a VPN with multiple sites. It differs from a static VPN as the data moves from one site to another without the need to pass through its central server. A DMVPN gives businesses more flexibility to tailor networks according to their needs and make wide communication easier, while cutting operational costs. This form of dynamic tunneling is supported on Cisco IOS-based routers, Huawei AR G3 routers, and on Unix-like operating systems.

DNS: think of the Domain Name System (DNS) as the internet's phone book. Every time you look for a certain site on the web—like techradar.com, for example. You do so by typing the domain name associated with it. At the same time, browsers list websites according to their IP addresses—a unique number linked to each device existing on the net. DNS is the technology that enables your machine to match domain names with their respective IP so that the internet can load the resources you are looking for. 

DNS leak: using a VPN means that, theoretically, all of your DNS requests are protected by the encryption tunnel. However, your security software might fail to properly protect you. When a DNS leak occurs, your data—like browsing activity and your device IP—may be exposed to attackers. Luckily, there are plenty of free DNS leak testing websites around that you can use to check whether your security software is doing its job.  

Encryption: The process of scrambling your data to make it unreadable for a third party. This means that if attackers manage to access your data, they won't be able to decrypt the information. Different encryption algorithms are responsible for defining the formula through which your data is encrypted and transformed in ciphertext, and then decrypted via a cryptographic key. 

Similar to a physical key, the data can be accessed with the right key only. There are different types of encryption. Symmetric encryption, like AES used in VPNs, is a straightforward process where everyone uses the same secret key. Asymmetric encryption uses a public key to scramble the data and a private key for decryption. 

Gateway: the networking device that links different remote sites, devices, and networks together within a VPN infrastructure over a non-secure network like the internet. It can connect multiple VPNs, too. Generally, a physical router or a VPN gateway can also be a server, firewall, or similar. It allows the routing and blocking of VPN traffic, providing services like IP address assignment and management.  

Geo-restrictions:  policies and technology (usually firewall