Our Methodology

How We Test

Every VPN we review goes through our standardized 14-day testing protocol. We purchase every subscription independently — no vendor-supplied accounts, no preferential treatment.

Scoring Criteria

Every product receives a score from 0 to 10 based on weighted criteria. Here is exactly how we calculate it.

Speed & Performance

30%

We test download/upload speeds and latency across 8 countries using dedicated 1Gbps servers. Each test runs 3 times at different hours to account for congestion.

Privacy & Security

30%

We verify no-log claims through traffic analysis, test for DNS/WebRTC/IPv6 leaks, audit encryption protocols, and review jurisdiction and ownership transparency.

Features & Usability

20%

We evaluate app quality on Windows, macOS, iOS, and Android. Kill switch reliability, split tunneling, server selection UI, and connection stability all factor in.

Value & Pricing

20%

We compare price-per-month across plan lengths, simultaneous connections, money-back guarantee terms, and feature parity between tiers.

Tools & Equipment

The tools we use to produce consistent, reproducible results.

  • Dedicated 1Gbps test servers in 8 countries (US, UK, DE, JP, AU, BR, SG, ZA)
  • Custom speed testing suite (iperf3 + Speedtest CLI)
  • Wireshark for traffic analysis and leak detection
  • BrowserLeaks.com verification suite
  • Real streaming service accounts (Netflix, Hulu, BBC iPlayer, Disney+)

Independence Pledge

  • No sponsored rankings. Our scores are never influenced by advertising or affiliate relationships.
  • We buy everything ourselves. Products are purchased at retail price with our own funds. No vendor-supplied review units.
  • Affiliate transparency. We earn commissions from some links. This funds our testing but never affects our scores. Full disclosure.
  • Corrections policy. If we get something wrong, we update the article with a visible correction notice and date.

Update Cadence

Reviews are updated quarterly or within 48 hours of major version releases, security incidents, or pricing changes.

Every article shows its publish date and last update date. If a review is more than 6 months old without an update, we flag it as potentially outdated.

Our Testing Team

The people behind the scores.

Marcus Reid
Marcus Reid Editor-in-Chief CISSP certified, former Ars Technica security editor, EFF-cited researcher
Elena Vasquez
Elena Vasquez Senior Privacy Analyst J.D. in Digital Rights Law from Georgetown, former EFF legal intern
Daniel Cho
Daniel Cho Contributing Security Researcher OSCP certified, HackerOne Top 500, 3 CVEs in VPN software