You can now verify if your Mullvad VPN app is legit

• All Android users can now verify if their Mullvad VPN app is legit
• Starting with version 2025.2, Mullvad has made the Android app builds reproducible in a bid to improve user security
• Reproducible builds are a guarantee that the app you install hasn’t been tampered with by malicious actors

Update: On May 9, 2025, we updated this story to include comments we received from Mullvad after publication.

All Android users can now verify if their Mullvad VPN app is legit before downloading and installing it on their device.

That's because, starting with version 2025.2, Mullvad has made its Android VPN app builds reproducible.

The move comes in a bid to provide users with a trustworthy and secure VPN application. Reproducible builds are a guarantee that the app you install hasn’t been tampered with by malicious actors

TechRadar needs you! We want to know what you think about the world of VPNs. Whether you're a novice or a VPN pro, we want to hear your thoughts. Don't worry, though, your responses are completely anonymous, and it takes less than a minute to complete!

To take part, click the link below: https://futurenet.questionpro.eu/tr-vpn

Verify your Mullvad Android app builds, bit-for-bit

By definition, "a build is reproducible if, given the same source code, build environment, and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts."

Put it simply, the app code you see when downloading the app should match the source code published by the app developers. This provides assurance that no modification has occurred during the build process.

This comes as 2024 saw a surge in malicious free VPN apps. Cybercriminals increasingly took advantage of the high demand for virtual private network (VPN) tools to spread malware via fake software that mimicked legitimate services.

VPN-based attacks have continued in 2025 as well, with Google warning of attackers using legitimate VPN applications as a backdoor to inject malware and gain remote control of infected devices.

"We believe transparency is crucial for security software. Investing in reproducible builds is a testament to our commitment to providing you with a trustworthy and secure application," wrote Mullvad, one of the best VPN providers on the market right now, in its official announcement.

As mentioned earlier, only Mullvad's latest Android VPN app comes with reproducible builds at the time of writing. It isn't yet clear if and when the company will extend this feature across its other applications.

Talking to TechRadar, a Mullvad developer welcomed the idea, but said the team doesn't have any direct plans yet. "There is no reason we would not want to do it, just that it has not been prioritized/evaluated for the other platforms," the Mullvad developer added.

The company is now urging all technically inclined users to verify Mullvad builds.

This will not only provide transparency to users – which is the main goal – but will also "allow us to verify our own build environment is not compromised," said the Mullvad developer.

The verification process does require some IT skills, but the VPN firm has put together a set of instructions to help you do just that.

"To help ensure we are able to produce reproducible builds over time, we have added initial such checks to our continuous integration (CI) environment," Mullvad added.

You might also like

• Mullvad VPN promises to be even better at protecting you against AI surveillance
• Windscribe CEO speaks out against global threats to no-log VPNs
• Is the future of censorship-resistant VPNs, no VPNs?