Most people understand that the Internet can be a dangerous place, especially on unsecure networks. Advertisers, attackers, and spies can steal your data from Wi-Fi networks, so security-minded people know to protect their laptops with a virtual private network or VPN service. That's smart, but if you protect your desktop and not your mobile device, it's like locking the front door but leaving the windows wide open. Your Android needs VPN, too.
In this roundup, I'll talk about VPN apps for Android only. But most VPN services worth their salt also have apps for iPhone as well. I'll be reviewing and rounding those up soon.
What Is a VPN?
Taking out your tablet or using your phone to access the free Wi-Fi at the local coffee shop is a lot more dangerous than it seems. First, you have no way of knowing if the network has been configured incorrectly, allowing others on the network can't see your data. Second, it's entirely possible that nefarious parties have simply set up an innocent-looking wireless network to trick naive coffee drinkers; they can be very difficult to tell from the real thing.
In both of the scenarios above, someone could monitor your network traffic. Everything you send, from emails to passwords, would be open to them. That's a lot of private information you'd probably rather keep private. One example of a classic man-in-the-middle attack is to use a bogus network to intercept victims' Web traffic and replace legitimate sites with fake ones. When a victim goes to enter their information (everything from passwords to credit card numbers) on the site, the attacker gets it all.
If this all sounds far-fetched, it's probably more common than anyone would like to admit. While attending the Black Hat security conference, I saw some 35,000 devices connecting to a malicious Wi-Fi network, all without the knowledge of their owners. The malicious network was configured to mimic whatever Wi-Fi request was made of it. You can bet that many of those devices were mobile phones merely seeking a familiar Wi-Fi network.
But even if it's a safe Wi-Fi network, your personal information may still be at risk. Advertisers use advanced trackers that correlate your movements between websites. By placing trackers on a variety of sites and watching for requests from the same IP address, advertisers can get a sense of your habits. This is still true when you browse the Web on your Android. What's more, many mobile apps still transmit data without encryption, letting various three-letter organizations keep an eye on you.
When you connect through a VPN, you interact differently with the Internet. Your data is sent through an encrypted tunnel to a VPN server, either nearby or in a far-flung location. Anyone monitoring your network connection only sees the gibberish of an encrypted connection. Because your traffic exits onto the open Web from the VPN server, advertisers and spies see the IP address of the VPN server and not your device. It's a smart and simple way to keep your information and identity secure.
What Isn't a VPN?
As important as it is to understand what a VPN is, it's also important to know what it isn't. It isn't a true anonymization service, and you can't use it to connect to hidden websites on the Dark Web. For both of those activities, you'll want to use the Tor anonymization network. There are Tor client Android apps in Google Play, so you'll have no trouble connecting, no matter where you are.
While some VPN services claim to protect you against malware and phishing sites, standalone antivirus software definitely do a better job. Some VPN services also block ads—an especially useful feature on Android, where ad blockers are a rarity.
When you're connected to the VPN, your data is, indeed, encrypted. But that's not the case once it leaves the VPN server. If your browser or app doesn't secure your information, then it will be entirely readable to someone with the will and the means to try. Manually encrypting your files is one way to ensure that they aren't read. There are also apps, like Signal, that send encrypted text messages, keeping each message secure even if part of the journey to its intended recipient is unsecure.
VPNs Can Fool Dictators, Netflix
A common use of VPNs is location spoofing. By sending your Web traffic through an encrypted tunnel to a remote server, you cause it to appear to originate from the VPN server and not your actual location. Journalists and activists have used this to get around restrictive Internet controls imposed by various governments.
But for most people, this feature will probably be used to watch region-locked streaming content. If you live in the US and want to watch the free video streams from the BBC, you're out of luck. But with a VPN, you can fool the BBC website into believing you're a noble UK citizen. The same is true for sporting events, such as official MLB streams.
That said, companies and content providers are starting to get wise. Netflix in particular has begun blocking VPN connections. I've noticed that Hulu, too, will frequently block access when I'm using a VPN. Note that streaming companies are well within their rights to block VPN users. Just because you're paying to watch Netflix in the US doesn't mean you are allowed to view UK Netflix.
Some VPN companies, like NordVPN, have publicly stated that they will work to ensure that users can access video services while using a VPN. But in my experience, their effectiveness can change on a day-to-day basis as the streaming companies and VPN services play a cat-and-mouse game of spoofing and blocking.
The Speed Issue
It's not surprising that rerouting your connection to other, perhaps distant, servers can have a negative impact on your Web browsing speed. Usually, a VPN greatly increases your latency, and reduces the speed of download and uploads. How annoying the impact is will depend on the location of the VPN servers and the network infrastructure the VPN provider can access, among other things. I've used a VPN continuously on my personal phone for weeks at a time without noticing a dramatic change in my experience. Your mileage may vary.
Very rarely, a VPN service may actually improve your Web browsing. Generally, that's because the VPN provider has access to higher bandwidth Internet in other countries. But it is, as I've said, a rare thing.
Note that most VPNs can also protect you when you're connected to cellular networks as well. This might seem like overkill, but there are exotic attacks to intercept cellphone data. One such attack involves jamming the LTE and 3G bands, forcing nearby phones to attempt to connect via a 2G connection, the encryption of which has long been broken. The attackers use a portable cell tower, similar to a Femtocell, and trick nearby phones into connecting.
In my testing, I don't look at VPN performance over cellular connections. That's because I can't control how or when the phone connects with cell towers. By restricting my testing to Wi-Fi, I can control more variables and emulate the circumstances most people will probably experience.
What Makes a Good VPN?
Although Android phones and tablets are radically different in form factor than desktops and laptops, what I look for in a VPN remains the same.
Good speed scores are worth noting, but they're not the most important factor. It's only noteworthy if the results are especially good or bad. The number and distribution of available VPN servers provided by the company is far more important than speed. Lots of servers in lots of places means that you'll have an easier time finding a nearby server while traveling. When you're in a foreign country and you're desperate to get information (directions or translation, perhaps), you probably won't be worried about whether or not the Wi-Fi connection you've found is secure. VPNs give you some assurance in these situations.
The location of the VPN company is also important. Depending on where it is, local laws may require the company to retain user data. That's not a good thing, especially if maintaining your privacy is your primary concern. Reading the company's terms of service is a great way to figure out the logging and data retention policies. Nearby servers are good, since they generally provide better speed and performance. A surfeit of servers also means that you'll have many options when spoofing your location, should you desire it.
You're also likely to find the VPN service's statement about P2P file sharing and BitTorrent in its terms of service. Most VPN services don't allow either, since it's a drain on resources and opens a legal can of worms. A few services allow file sharing on specific servers, and even fewer will allow them on any server. While I seriously doubt many people will be using their Android phones for Torrenting, be sure to respect the rules for your chosen VPN service. Breaking them can sometimes mean being banned without a refund.
Finally, price and licenses are a very important factor to consider. VPN services range from free to incredibly expensive, and you'll want to make sure you can connect all your devices to the VPN service. In my experience, most VPN services cost between $8 and $10 per month and allow five or six devices to connect at a time. You'll want to make sure you have enough licenses to cover all your computers and mobile devices. If you're looking at a service that falls outside this range, be sure that it's offering something unique to make up for it.
Get a VPN for Your Android!
Whether you're a globe-trotting business magnate, or a humble homebody, a VPN service is a worthy investment. Your data will be more secure, and you'll have much more flexibility in how your mobile traffic moves across the Web, even when you're using your smartphone or tablet. It won't protect you from every threat, of course, but it's a simple way to be much more secure.