ProtonMail has officially launched its first new standalone service, three years after the company’s original encrypted email service went to market.
With ProtonVPN, the Swiss company is doubling down on its privacy-focused smarts with a new virtual private network (VPN) service. A beta version of ProtonVPN was quietly rolled out back in March, and after several months of testing and iteration the service is now ready for prime time.
By way of a quick recap, ProtonMail was founded out of CERN in 2013, and after a period in beta the company launched its encrypted email service globally last March, with the promise of client-side encryption for all. Since then, the company has added two-factor authentication (2FA) to its service, and as of January this year it also supports Tor.
The rise of VPNs
VPNs have been popular tools in the online world for years, helping internet users cloak their true location so they can access services usually restricted to other regions, while also enhancing their privacy. In the wake of Donald Trump’s election victory last year, a number of VPN and encrypted messaging services reported a surge in downloads, as many saw the incoming government as a threat to online privacy and general internet freedoms.
“The importance of VPNs for online security and privacy is increasing day by day,” noted ProtonMail cofounder Dr. Andy Yen. “Back in April of this year, Obama-era FTC rules designed to protect the privacy of internet browsing history were rolled back. Fast forward to today, and attempts are being made to dismantle net neutrality in the U.S., and several European governments are now calling for increased online surveillance. Last, but not least, for over 1.5 billion people around the world, the internet does not live up to its promise of freedom of information. Instead, the internet is a highly restricted and censored place, constantly under surveillance, where making a wrong move could lead to imprisonment or worse.”
That ProtonMail would elect to bring its own VPN service to market isn’t all that surprising, given its core raison d’être in the email realm. But with a plethora of VPN services out there already, isn’t ProtonMail entering an already over-served market? It is, for sure, but at the time of its original announcement back in March, ProtonMail promised to address “many of the security shortcomings which impact existing VPN services,” including those that use pre-shared keys or insecure protocols and encryption.
Available today with native desktop apps, ProtonVPN promises a Secure Core architecture that channels traffic “through multiple encrypted tunnels” in multiple countries to defend against network-based attacks, similar to how Tor works — in fact, ProtonVPN comes with built-in Tor support.
It’s also worth noting here that given that ProtonMail is based in Switzerland, the company operates within some of the world’s strongest privacy laws.
As with the ProtonMail email service, there is a free version of ProtonVPN, though it does come with limitations — for example you can only access servers in three countries and you can only register a single device. Plus, you don’t gain access to the company’s Secure Core network or Tor servers.
The free incarnation will likely suffice for some, but those seeking deeper levels of security and privacy can pay $4, $8, or $24 per month for access to servers in all 14 countries, from Australia, Switzerland, and the U.K. to Canada, Sweden, and Singapore. Additionally, you’re promised access to higher speed servers and more devices and Secure Core / Tor support.
The ProtonVPN desktop app is fairly easy to set up, and its slick visuals make it fun to use — well, as “fun” as these kinds of applications can get.
Down the left, you have a number of server options from within each country, you hit “Connect,” and ProtonVPN does its thing.
Based on our brief tests with ProtonVPN, it connected flawlessly every time, though we did experience some really low speeds. On the Plus plan, a normal 30 Mbps home connection was throttled down to less than 1 Mbps when connecting to some U.S. servers from the U.K. Though, as you’d perhaps expect, choosing servers closer to home, such as in Germany and France, yielded much faster results — about the same as a normal connection.
Additionally, each country location has multiple server options, with the U.S. offering 16 (including one Tor) — and I found that by trying different servers I was able to achieve fairly fast speeds between the U.K. and the U.S. (up to 13Mbps). This means network speeds vary depending not only on the country location of the server, but also on where the server is in that country and the time of day. It definitely helps to play around with your server connections.
Digging down a little more into the background implementation, ProtonVPN uses a hardened version of OpenVPN, an open-source and open-standards VPN. This means that ProtonVPN is actually compatible with any other VPN client that supports OpenVPN. With that in mind, those wishing to use ProtonVPN on iOS or Android devices can do so, even though there isn’t a native ProtonVPN mobile app yet, however the process involves installing a third-party OpenVPN app.
A spokesperson told VentureBeat that native applications for all popular platforms would be released over the course of the next year.
“We’re building a VPN service that can be worthy of your trust,” continued Yen. “We understand that when it comes to VPNs, trust is paramount. Whether it is our transparent VPN threat model, our Swiss jurisdiction, our reputation, our relationship with the community, or the fact that you actually know who we are, we’re committed to building and operating ProtonVPN with the same level of transparency that has come to characterize ProtonMail.”