Signals of a Trustworthy VPN
We wanted to change the landscape and give consumers another reason to trust us. To do this, we reached out to the Center for Democracy and Technology and asked them to create an independent vetting process and a set of standards to hold VPN companies to. With this came a list of questions to define the signals of a trustworthy VPN . As part of this initiative, a lot of companies were asked to answer the questions, but only a few agreed to take the vow of trustworthiness with us.
We care about our customers and we support them with the most secure technology, but our commitment doesn't stop there; We want to raise the standards for the entire VPN industry, so users everywhere get to experience a safer and more secure internet. We encourage other providers to do the same and become fully transparent. Read below to learn more about VyprVPN and why it is a trustworthy service.
From the Center for Democracy and Technology
Trust is a critical component to a thriving digital ecosystem. While VPN services are often a tool for users who lack trust in the practices of other online entities, these services must still foster trust in users that they adequately obscure individuals' digital footprints.
Responsible VPN providers should ensure that their users' information is handled in a way that respects the trust placed in them by individuals. VPN providers can see a great deal of user information, such as: users' location, every website they visit, their unencrypted email content, the apps they use, and much more. User information should not be sold or shared in unexpected ways, such as web browsing habits being exploited for sale or handed over to law enforcement or other public authorities without proper legal procedures in place. VPN providers should provide users with transparency about basic security practices, company business models, economic incentives, and ownership structures.
Below is a list of questions that a trustworthy VPN service should be able to answer honestly, clearly, and thoroughly, signaling the provider's commitment to earning user trust.
Our Signals of Trustworthiness
CORPORATE ACCOUNTABILITY & BUSINESS MODEL
1. What is the public facing and full legal name of the VPN service and any parent or holding companies? Do these entities have ownership or economic stakes in in other VPN services, and if so, do they share user information? Where are they incorporated? Is there any other company or partner directly involved in operating the VPN service, and if so, what is its full legal name?
Certida, LLC is the full legal name of the company that offers VyprVPN. We do not have economic stakes in other VPN providers and thus do not share any user information with any other VPN service. To our knowledge, we are the only VPN provider in the world that 100% owns and operates its server and network infrastructure, including our zero-knowledge VyprDNS® service.
2. Does the company, or other companies involved in the operation or ownership of the service, have any ownership in VPN review websites?
Our company does not have ownership nor operate any VPN review websites.
3. What is the service's business model (i.e., how does the VPN make money)? For example, is the sole source of the service's revenue from consumer subscriptions?
We do not sell user data to generate revenue. Our sole source of revenue comes from VyprVPN consumer and business subscriptions.
PRIVACY: LOGGING/DATA COLLECTION PRACTICES AND RESPONDING TO LAW ENFORCEMENT
1. Does the service store any data or metadata generated during a VPN session (from connection to disconnection) after the session is terminated? If so what data? (including data from Client / VPN app, APIs, VPN gateways).
2. Do you have a clear process for responding to legitimate requests for data from law enforcement and courts?
Yes. All legal requests are directed to Certida's legal team. Do to the fact that VyprVPN and our VyprDNS services are 100% No-Log for personally identifiable data, we are simply unable to provide any information that identifies our users activity because those data do not exist.
SECURITY PROTOCOLS AND PROTECTIONS
1. What do you do to protect against unauthorized access to customer data flows over the VPN?
As mentioned above, our approach is unique in the VPN industry; we fully own, engineer, and manage our VPN servers and network. Therefore, we are the only company that handles VyprVPN users data and we can guarantee higher levels of protection and security from end-to-end.
2. What other controls does the service use to protect user data?
Any site-to-site transfers of anonymous customer metadata is via encrypted channels only. We store no credit card or other immediately abusable payment information for any of our customers. (We utilize well known, industry standard, payment processors to protect this information.) We utilize multiple protocols for encryption which include NAT firewalls for all connections. Additionally, we have a Kill Switch feature which automatically blocks your internet connection whenever VyprVPN is disconnected. Additionally and perhaps most importantly, we are constantly investing in our talent to ensure that they are experts in their fields and prepared for any potential challenge. We truly work to guarantee our customers are getting the best, most secure service available.