- Three-day free trial
- Peer-to-peer (P2P) allowed
- Kill switch
- No logging
- No application throttling
- Servers in only 12 countries
- No live chat for support
The Virtual Private Network (VPN) has a relatively small server network, so check the list to see whether the country you want to access restricted sites in is represented before you commit to the service.
IVPN specializes in multi-hop VPN encryption. Under this system, your connections are passed through two VPNs, with double encryption applied to all the data that passes between you and the website that you want to visit.
How Much Does iVPN Cost?
Although this service is based in Gibraltar, the price is set in US dollars rather than UK pounds. You are allowed three simultaneous connections with an account. However, the terms of service specifically ban the sharing of subscriptions, even within the same household, which seems to be an unnecessarily harsh stipulation.
As with most VPN services, the company charges a subscription with the shortest service period set at one month. You will get a lower price per month if you sign up for a longer period. However, you have to pay for the entire term of the subscription up front.
You can pay for the service with a credit or debit card, PayPal, bitcoin, or cash. The bitcoin and cash payment options have the great advantage of creating anonymity. However, in both cases, you can’t get the three-day free trial. Cash payment is only available for a one-year subscription.
Although the free trial is a good option for those who aren’t sure whether they want to commit, you have to enter your payment details in order to get the offer. The company will not charge your account for three days, so it is up to you to cancel your service agreement within that period to prevent the payment going out.
After the payment has been applied to your bank account, you have seven more days to cancel the service and request a refund.
What Do I Get?
IVPN has the following key features:
- Up to three simultaneous connections
- OpenVPN for computers
- Layer 2 Tunneling Protocol (L2TP)/Internet Protocol Security (IPSec) for mobile devices
- Port forwarding
- P2P downloads allowed
- Strict no logging policy
- Kill switch
- Internet Protocol version 6 (IPv6) and Domain Name System (DNS) leak prevention
- Obfsproxy cloaking technology
- Warrant canary
- Diffie–Hellman key exchange-based perfect forward secrecy
- Strong session establishment privacy
IVPN uses OpenVPN for computers and L2TP/IPSec for mobile devices. The OpenVPN implementation includes 256-bit Advanced Encryption Standard (AES) encryption. AES is a symmetrical key system, and this requires both sides in a connection to have the same encryption key.
The company uses 4096-bit RSA public key encryption for key exchange, which is the strongest security available in the VPN industry at this time. The VPN uses new encryption keys at the beginning of each session and replaces these every hour during long sessions. This system is called perfect forward secrecy and it vanquishes any attempts by snoopers to crack the encryption key, because they would not have anywhere near enough time to process through every possible combination.
Logs and Location
The company’s founders are members of the Electronic Frontier Foundation and are adamant that one of their aims is to maintain privacy and freedom of access on the internet.
One of their methods of assuring customers of their privacy is to publish a warrant canary on their site. To date, they seem to have evaded court orders demanding that they hand over customer information or activity logs.
The company keeps each customer’s email address on file, linked to the VPN account ID. Payment details are also stored. Procedural logging is not linked to customer account details. However, it is not beyond the bounds of technical know-how to join those two information sources together.
Copyright infringement actions would be directed against the company, as its IP address appears on any logs of activities that might exist on torrenting sites. However, IVPN states that it has no method to pass that legal liability on to its customers.
The server network of the company covers:
- Hong Kong
- The Netherlands
- United States
Signing Up for IVPN
Click on the Sign Up button in the menu at the top of every page on the IVPN site.
This will take you through to the pricing page. Click on the Start Free Trial button to proceed. You will have to enter your payment details at this point, even though you are only asking for the three-day free trial.
If you choose to pay with PayPal, the system will log you into the payment server before the final bill has been calculated. The PayPal agreement will refer to payment that will be withdrawn from your linked bank account. However, further down in the small print, the agreement states that funds that you have in your PayPal account will be used first.
When you choose a subscription period, make sure you uncheck the repeat billing box. They don’t like you doing that, so you will get a sniffy message.
The resulting account statement shows that you don’t owe any money at that point. Click on the Start Free Trial button to continue.
On the next page you will see a service confirmation message. The company will also send you an email to confirm your account. A second email contains your generated username. You use the password that you set up when you created the account.
You get to the download page for the client software by clicking on Setup in the top menu of the site.
The system will detect your operating system and cue up the appropriate install file.
Click on the Download button to get the software. Click on the transferred file when the download completes. The installation process uses a standard install wizard, which you just have to click through.
The installer will also copy down a support program, called a TAP file. Most VPNs use this file, but unfortunately they don’t all use the same version, so if you have other VPNs on your computer, they might stop working.
Surprisingly, the installation wizard doesn’t set up a desktop icon to access the program. You have to go and find IVPN in the programs list from the Start menu.
You will be prompted for your username and password the first time you use the app. The username is a random string of characters, which is impossible to remember. You can cut and paste it from the welcome email that you received on sign up. Fortunately, the app stores these credentials so you don’t have to type in that username again.
The IVPN firewall is what other VPNs call a kill switch. This prevents any internet communications when the firewall is turned on but the VPN has not been started.
The controls for server selection don’t work while the VPN is active. This means that if you want to switch from one location to another, you have to disconnect the VPN, select a new location, then turn the VPN on again.
You access the server list by clicking on the location bar at the top of the app. The server list gives response times for each machine from your current location.
You get to the Settings system by clicking on the cog icon at the top right of the app. Under the Connection tab, you have a choice of whether you run over Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) and in each case you can select between two ports for each.
If you are not that into networking protocols, you are better off leaving these settings alone. Transmission Control Protocol was created at the same time as the Internet Protocol (IP). Its job is to negotiate connections and maintain them during a session. The User Datagram Protocol is a lightweight, “connectionless” alternative that is favored for fast-moving streaming applications, such as video streaming or IP telephone calls.
The obfsproxy option will scramble the contents of each packet to try to foil VPN detection systems. This methodology is known as a cloaking device.
You don’t get a choice of altering the encryption system or preferred VPN protocol from within the app. You just have to stick with OpenVPN with 256-bit AES encryption.
Click on the Multi Hop tab in the main screen to experience a unique feature of this VPN. Rival services offer multi-hop encryption, but they usually list pre-set combinations in the server selection screen. With IVPN, you can set your own combo.
Click on the server location for both the first and second server in the chain. In each case you get to the standard server selection list. One annoying bug with this function is that the two server locations start off with a default location. The system will not let you specify two locations in the same country. So, if one of those default locations is in the country that you want for the other server, you have to name a third country first, just to get out of the default settings.
A word of caution about the use of this feature: it is likely to slow your connection down. Also, make sure that you chose an exit server that is in the same country as the computer that you want to communicate with if you want to circumvent regional restrictions.
IVPN doesn’t have a live support system. In order to ask a question, you need to go to the client area on the company’s website.
Click on Submit Ticket in the left-hand menu. The help request system is based on a standard web form.
As you type, the system will try to head off time-wasting questions by searching through its knowledge base for suggested solutions.
I did read the suggested article, but I submitted the query anyway – just to test the support service.
You get an auto-response email after clicking the Submit button. You should be notified by email when you receive a reply to your request. You can also check in the support section of the client area to see the status of your help request.
In this speed test you will see both the single hop and the multi-hop configurations of the service put through their paces. These tests were performed with speedtest.net from a location in the Caribbean.
Here is a report of the speed test on a local connection without the VPN turned on:
Local speeds in this location are not as good as they are in many countries. Here is the speed report on an unprotected connection to Miami:
Checking into London over the internet without IVPN turned on got these speeds:
These speeds are grouped fairly close together. Often, a good VPN can increase speeds even though the computer has to do a lot more work to encrypt and decrypt every message. This is because VPNs can have “peering” agreements with much higher quality intermediate networks than cost-cutting Internet Service Providers can afford.
As a general rule, it is better to select a VPN server that is physically on the path of your intended connection. A server either close to your current location or close to the computer you want to contact is usually your best bet. However, sometimes a network might include a super-fast server in a non-linear location, which can provide better speeds than the geographically logical choice. This is why the response times metric that appears in the IVPN server list is so useful.
For these tests, I stuck to servers that were close to the ultimate destination of the connection. This models the choice you should make if you want to get around the regional restrictions on a target web service.
I selected the server in Miami and retried my connection to the same Miami destination computer that I used in the first US connection test.
It seems that IVPN isn’t one of those providers that can speed up a lousy internet connection.
I then made a multi-hop experiment. I set up my first server connection in Romania and then selected the Miami server as an exit point. This choice isn’t as madcap as it seems, because Romania has an excellent internet infrastructure. Thus this combination could potentially make the performance of the VPN speed up.
It didn’t. However, looping all the way over the Atlantic to the other side of Europe and back again didn’t impair speeds either, even though there was twice as much encryption involved in the transaction.
I went back to single hop and accessed the IVPN server in the UK. Here are the speeds on my connection to London:
The speeds were a little lower than on the unprotected connection.
For my double hop to London, I chose to use the server in Miami followed by the server in the UK. This is a logical selection, because not only is Miami the closest server to my location, but it also reported the fastest response times in the server list. If I want to get into regionally restricted sites in the UK, I need an exit point in that country. This is what happened in the speed test:
The situation was very slightly better.
Results on speed tests can vary from moment to moment because of local conditions. I tried each of these tests several times and the results recorded in this review are the best speeds achieved in each scenario.
While I was on the Romania/Miami double hop, I decided to test access to my Netflix account. Netflix redirects access to the service of the country that it detects from the incoming request’s IP address. Iplocation.net reported that it looked as though I was in Miami, so I tried the streaming service. Netflix could not be hoodwinked. The ABC content server wasn’t fooled either. NBC let me watch a show, but its proxy detection bar is set very low.
When I used the IVPN server in the UK, I was able to get into BBC iPlayer and watch a show. I also got into Netflix UK. However, Channel 4 was not duped.
Should I Subscribe to IVPN?
The aims and standards of the IVPN founders are laudable. The location in Gibraltar is a good choice from a privacy perspective. However, the results of the service are not nearly as good as that offered by much cheaper services, such as CyberGhost. It could be worth someone from the UK taking out the service to check in with a Netflix subscription or to watch shows on the BBC. However, for the cost of a subscription to IVPN, you should expect much better performance than cheaper services with larger server networks can offer.
- Free trial for three days
- No quibble seven-day money-back guarantee
- Kill switch
- Easy-to-use app
- IP and DNS leak protection
- Strong commitment to privacy on the net
- Torrenting encouraged
- Up to three simultaneous connections allowed
- Strict no logs policy
- Stingy ban on account sharing
- No live support
- Small server network
- Slow speeds
- Can’t fool streaming services