Bitcatcha's content is reader-supported. When you purchase through links on our site, we may earn an affiliate commission. Learn more

What Is A VPN? (What It Does, How It Works, Why Use It, Legality, Safety)

A VPN, or Virtual Private Network, is a critical tool that enhances online privacy and security. This article explores the essential aspects of Virtual Private Networks (VPNs) and what they do. We also discuss what a VPN does, including its role in encrypting data and masking IP addresses. We then discuss the 5 reasons to consider using one and discuss key considerations like Five Eyes Alliance and geo-blocking. We examine the legality of VPNs, and address concerns about whether VPNs are possible to hack. You’ll also learn about different VPN types, costs, and the process of setting one up.

what is a vpn

What is a VPN?

A VPN stands for Virtual Private Network and is an internet service that protects your online privacy by redirecting your connection through a private encrypted tunnel. VPNs are similar to proxies in that they mask your IP address by routing your traffic through an intermediary server.

VPNs have become an indispensable tool for everyday internet usage. An estimated 1.6 billion people worldwide use them, according to Surfshark. Both individuals and businesses increasingly rely on VPNs to protect their online footprint from growing threats of surveillance, data exploitation, censorship and cybercrime. In recent years VPNs have also become increasingly popular for their ability to let you bypass geographic restrictions when streaming content.

Proxy vs VPN: What is the difference?

There are three key differences between proxies and VPNs. The first is that proxies are gateways that hide your IP address but do not encrypt your traffic. VPNs are gateways that encrypt all data and web traffic that passes through. The second difference is the scope of protection. Proxies handle traffic only from specific browsers or applications configured to use the proxy. VPNs route all your internet traffic through their server and therefore cover all applications and browsers on your device. The third difference is performance. While both proxies and VPNs occasionally slow down your internet speed, proxies (like SOCKS5) use public servers. VPNs typically offer better performance because they use fast dedicated servers.

What does a VPN do?

A VPN adds a layer of secrecy to your internet activities which helps to protect your online privacy.  Connecting to a VPN client whenever you connect to the internet on your devices encrypts your internet traffic and conceals critical information from your internet service provider (ISP), government agencies, network administrators, and cybercriminals.

This becomes especially important when you’re accessing the internet through insecure and public Wi-Fi networks.

What does a VPN hide?

A VPN hides 2 critical things: your online activity, and your IP address. Your online activity includes internet traffic, your search history, browsing history and cookies. Because all details of data transferred during browsing sessions are also hidden, sensitive information from browsing sessions like logins and passwords is also concealed from snoopers.

A VPN also hides your IP address. Your IP (Internet Protocol) is a string of numbers that indicate where you are, what device you’re on and is used to trace what you do online. A VPN hides your real IP by replacing it with the IP address of the VPN server you’re connected to. This therefore hides your real physical location.

How does a VPN work?

A VPN works by adding an important layer of encrypted security to the normal process of accessing a website. When you typically access a website (without a VPN), your ISP receives the request and then redirects you to the website you want to browse. When you connect to a VPN, the VPN server works as the middleman between you and your ISP and sets up a virtual tunnel between your device and the VPN’s remote server. The ISP now sees the IP of your VPN rather than your personal IP address.

The VPN tunnel is first created through a process of client authentication via the device you are using. Once authentication is cleared, an encrypted tunnel is created between your device and the VPN remote server. Any data sent or received through this tunnel is split by the VPN into packets and then encrypted through a process called encapsulation. The data is then decrypted when it arrives at the VPN server end. All data sent and received through this tunnel remains completely private to you alone.

What is encryption?

Encryption is the process of transforming plain text into coded language that only authorized personnel with the right key can decipher. It’s used to secure data in transit from unauthorized access and manipulation. In the context of VPNs, encryption works to secure all internet traffic passing between your device to the VPN server. An encryption key is generated when you connect to the VPN that only you have access to. End-to-end encryption is the standard in most reliable VPN services and it ensures your data is completely secure as it travels from your device to the VPN server and back again.

VPNs use both symmetrical and asymmetrical encryption methods to secure data. Symmetrical encryption, like the Advanced Encryption Standard (AES), uses a single key for both encryption and decryption. Asymmetrical encryption, like the Rivest-Shamir-Adleman (RSA), uses a pair of keys: one for encryption and one for decryption.

Why should I use a VPN?

You should use a VPN for 5 reasons. The first and most important reason is to protect your online privacy. A VPN encrypts your internet traffic and masks your IP address in order to protect your personal information from 4 possible threats: your ISP, government entities, network administrators, and cybercriminals.

Protecting your personal information from your ISP (Internet Service Provider) is important because ISPs track and gather your online activities for profit. Selling your data to marketing companies lets them target you with intrusive ads. Protecting your personal information from government entities is important for bypassing surveillance. This is especially important if you’re accessing the internet from a country where the Five Eyes Alliance operates, or where there are severe legal consequences to your online activity. Protecting your personal information from network administrators helps keep you safe on insecure networks.  This ensures your activity remains private when using public Wi-Fi in airports and hotels, or at your workplace to prevent your employer from monitoring your online activities. Protecting your personal information from cybercriminals protects you from identity theft. Identity theft is when someone steals your personal information to commit fraud.

The second reason to use a VPN is if you want to access content that sits behind geoblocks. VPNs open a wider world of content libraries by allowing you to spoof your location. Location spoofing makes your device appear to be in a different geographical location.

The third reason to use a VPN is to keep your IP safe when torrenting. This protects you from legal consequences related to copyright infringement. The fourth reason is to unblock websites and circumvent censorship or firewalls. This helps provide a free and open internet experience. The fifth reason is to bypass ISP throttling, which is when an internet service provider intentionally slows down your internet speed based on your online activity or location. This makes VPNs popular with gamers who want to lower game lag by reducing latency. It is also helpful when streaming content or to speed up your internet connection in general.

You should not use a VPN to become invulnerable to all possible cybersecurity threats. Even the best cybersecurity tools don’t protect against mistakes made by users. A VPN that is subpar or configured incorrectly leads to DNS leaks which negates the 5 benefits listed above and puts your privacy at risk.

What is the Five Eyes Alliance?

The Five Eyes Alliance (FEV) is an intelligence-sharing agreement between the US, UK, Canada, Australia, and New Zealand. It was established in 1955 but has modern day implications for online privacy. The Five Eyes Alliance has been criticized for its lack of transparency and accountability since there are concerns that the countries involved in the alliance spy on each other’s citizens with impunity. There are also fears that the information shared between the countries could be used to violate human rights. Using an appropriate VPN helps you stop the alliance from eavesdropping on your information, and collecting or sharing your data. However, it is important to select a VPN provider that operates from countries that are not part of the original alliance.

What is geo-blocking?

Geo-blocking is the practice of restricting access to online content based on a user’s geographic location. Websites and content streaming services like Netflix, Apple TV+, Roku, Amazon Firestick and Hulu use geo-blocking to control access to content in certain countries due to licensing agreements. Geoblocking works by using your IP address to detect your location. The platform or website then permits or denies you access to that content accordingly. A VPN helps you bypass geo-blocking by masking your IP address and spoofing your location so that it appears like you’re accessing the internet from a different country. You are then able to access many more libraries.

What is a DNS leak?

A DNS leak occurs when your DNS (Domain Name System) requests are exposed to your ISP despite using a VPN. This compromises your privacy by allowing your ISP to see which websites you visit. A DNS leak undermines the anonymity provided by a VPN so it’s essential to choose VPNs with DNS leak protection to ensure complete privacy.

Yes, using a VPN is legal in most countries including the United States. Using a VPN for lawful activities is permitted in these locations, but using a VPN for illegal activities remains unlawful.

Several countries with strict internet censorship laws restrict or ban VPNs and impose legal consequences. For example, China puts certain strict restrictions on VPN usage and North Korea and Iraq prohibit VPNs for most users. It is important to check the local laws of your country to ensure compliance. If you use a VPN in violation of the law, you risk losing your internet access, paying large fines, or even going to jail.

Is a VPN safe to use?

Yes, a VPN is safe to use as long as you meet two criteria. The first is that you choose a reputable VPN provider. VPNs from trusted providers offer strong encryption and robust privacy policies in order to ensure your data remains secure. Always select a VPN with a no-log policy to ensure that your browsing history is not stored.

The second criteria is that you follow smart online security practices to keep yourself safe online. A VPN does not make you invulnerable to all cybersecurity attacks. Adhere to security best practices like keeping your VPN software updated, avoiding clicking on suspicious links, and using strong passwords to log into your VPN service.

Can a VPN get hacked?

Yes, A VPN can theoretically get hacked but it is unlikely if you’re using a reputable provider and maintain good online security habits. VPN hacks typically occur from malware attacks, phishing attacks, and human error in clicking on malicious links or not configuring your VPN properly. Even if a reliable VPN is hacked through one of these methods, any data transferred through the virtual tunnel is not typically compromised thanks to the VPN encryption process. This means cybercriminals are unable to see your internet activity even if they break into your network because all they see is gibberish.

What are the types of VPN?

There are two main types of VPN: remote access and site-to-site VPNs. Remote access VPNs, also known as client-to-site, allow individual users to connect to a private network from a remote location. These are typically the type of VPN being referred to when people talk about VPN services. They are provided by third-party services on a subscription basis and are commonly used to secure personal or business use .

Site-to-site VPNs are a type of VPN that connect entire networks to each other. These are often used in corporate settings to link intranets and extranets securely.

How much does a VPN cost?

A VPN typically costs between RM13.50 to RM67.50 a month depending on the provider, plan, and payment term. Monthly subscriptions range from RM22.50 to RM67.50. Annual plans often offer significant discounts and lower the cost to around RM13.50 to RM45 per month. Free VPNs are also available but typically offer very limited features and dubious security and privacy features and therefore not recommended. 

How do I set up a VPN?

The process of setting up a VPN involves installing the VPN client software on your chosen device, choosing a supported VPN protocol, and connecting to a VPN server of your choice. The exact step-by-step setup process varies depending on the operating system and platform you’re using. You typically have the option to download the VPN software directly onto your device (laptop, mobile, gaming module).

Alternatively, set up a VPN directly on your internet router in order to secure all devices that are connected to the same internet connection through it. This makes it possible to secure all devices on your network with a single VPN setup on your router, rather than installing a separate VPN per device. The setup process is tricker if your router lacks a user interface. Your choice of VPN protocol also affects the router setup process  It may also be necessary to enable VPN passthrough in order to allow incoming connections.

What are VPN protocols?

A VPN protocol is a method used to secure data transmission between your device and the VPN server. These protocols establish encrypted connections to keep data transmissions private. Each protocol offers different levels of security, speed, and reliability and VPN customers are usually given a choice between them. 2 very popular VPN protocols are OpenVPN and WireGuard.  Choosing between protocols depends on whether your priority is security or speed. OpenVPN is widely used for its very strong security, and compatibility with both UDP and TCP ports. However, the WireGuard protocol is a strong and newer contender that many prefer for its superior speed, protection, and adaptability.

UDP Vs TCP: What Is The Difference?

The difference between UDP and TCP is that UDP is preferred for speed and TCP for reliability. Both ports are compatible with the OpenVPN protocol. UDP (User Datagram Protocol) offers faster data transmission and is ideal for real-time applications like gaming and video conferencing. TCP (Transmission Control Protocol) ensures reliable delivery by establishing a connection before data transmission. TCP suits emails and file transfers.

What Is WireGuard?

WireGuard is a modern VPN protocol designed to be lightweight, secure, and highly adaptable. WireGuard uses advanced cryptographic techniques (Curve25519, ChaCha20, Poly1305) for security. It relies solely on UDP and provides better performance compared to older protocols like OpenVPN.

What is VPN passthrough?

VPN passthrough is a feature built into most modern routers that allows VPN traffic to pass through the router and reach your devices without interference. VPN passthrough is a necessary feature if your VPN connection uses older protocols like PPTP, IPSec, and L2TP. Such protocols are not compatible with Network Address Translation (NAT), which is a router process that modifies IP addresses as data passes through. The VPN passthrough feature allows VPN traffic to bypass NAT. Since most current VPN services use more secure protocols like OpenVPN and IKEv2/IPsec, there is a high chance you won’t need to enable VPN passthrough unless you specifically want to use PPTP or IPsec protocols.

How do I get a VPN?

You get a VPN by choosing and signing up for an appropriate VPN provider that meets your needs. There are many VPN providers on the market that boast various strengths and it’s important to choose a trustworthy brand that is able to meet your security needs.

When you have chosen the best VPN provider for you, go to their official website and sign up for a plan that suits your needs. Many providers offer monthly, annual, or multi-year plans. There are also family plans that allow you to share your VPN subscription with multiple users. When you have decided what plan and term length suits you you simply register, make payment, and go ahead and set up your VPN.

Customers who wish to buy a VPN anonymously need to take extra precautions during the signup and purchase process. Avoid buying using payment methods like debit card, credit card, or PayPal since these require you to give away personal information. Using anonymous payment methods ensures your personal information remains private during the purchase process.

Who are the best VPN providers?

The best VPN providers include ExpressVPN, SurfShark and NordVPN. Each is a proven reputable VPN brand that offers very robust security features, cutting-edge encryption, fast server performance, and no-logs policies. Check out our writeup on the best VPN services for a detailed comparison of these great VPNs.

How do I buy a VPN anonymously?

To buy a VPN anonymously, register with a disposable email address and pay with either cryptocurrency or gift cards. Paying with cryptocurrency involves 3 simple steps. First, set up a crypto wallet. Second, buy and add cryptocurrencies to your wallet. Bitcoin is accepted by most VPN service providers due to exchange rates being close to the exact value. Third, pay for your subscription with cryptocurrency. Paying with gift cards involves buying a gift card with cash, then transfering the balance digitally to purchase your VPN anonymously.

How do I choose a VPN?

To choose a VPN, it’s crucial to evaluate key factors like security features, server speed, and server locations. Do this by researching the brand and checking the fine print about each plan on their official website.

Ensure you choose a VPN that meets the standard of privacy and security that you require for your online activities. 3 must-have VPN security features are a strict no-log policy, a kill switch, and support for split-tunneling. 3 additional security features are double VPN, obfuscated servers, and dedicated IP addresses instead of shared IP addresses. Opting for a VPN with these advanced security tools is especially important if the stakes for your online privacy are higher. For example, if you’re commenting on ‘controversial’ issues in a place where there are strict consequences, if you’re a whistleblower, or a journalist speaking out against a dangerous government.

Another helpful part of choosing a VPN plan is to read third-party assessments. First, read customer reviews and brand comparisons. Second, check if the VPN provider undergoes regular VPN audits to verify its security and privacy practices. Researching these elements will help you understand and select a VPN that truly meets your own personal needs for privacy, security, and performance.

No log policies

No-log policies are commitments from VPN providers to not store or log any user data after it passes through their servers. No-log policies protect users from data exposure to third parties, such as ISPs, government agencies and malicious actors. This leads to privacy breaches, targeted ads, or censorship. Choosing a no-log policy VPN is absolutely key to protecting your online privacy. To check if a VPN has a no-log policy, visit the company’s website and read their privacy policy thoroughly.

Kill switch

A kill switch is a crucial VPN feature that automatically disconnects your internet if the VPN connection fails. System-level kill switches halt all data traffic on the device, while application-level kill switches only affect specific apps. Choosing a VPN with a kill switch is important as a last line of defense against IP address leaks and geolocation exposure. To check if a VPN has a kill switch, look for terms like “kill switch,” “network lock,” or “automatic disconnection.”

Split tunneling

Split tunneling is a VPN feature that divides your internet connection into two separate channels. One channel encrypts your data through a VPN tunnel, while the other accesses the internet directly. This allows you to choose which applications or websites use the VPN and which do not, providing flexibility in managing your online activities. Choosing a VPN with split tunneling also improves internet speed by reducing the load on the VPN server and conserving bandwidth.

Double VPN

Double VPN, also known as multi-hopping, is a feature that routes your internet traffic through two VPN servers. This additional layer of encryption ensures that you stay anonymous, even if one server is compromised. Choosing a VPN with a double VPN feature is advantageous for those needing robust security, such as journalists or activists dealing with sensitive information. Although it’s possible to slow down your internet speeds due to the added encryption and longer routing paths, it offers superior protection.

Obfuscated servers

Obfuscated servers are specialized VPN servers designed to hide your VPN usage from trackers, hackers, and other third parties. These servers use techniques like protocol obfuscation, port hopping, and DNS masquerading to disguise VPN traffic and make it appear like regular internet traffic. This makes it harder for governments and ISPs to block VPN connections. Choosing a VPN with obfuscated servers is especially beneficial for users in countries with strict censorship laws.

Shared and dedicated IP

Shared and dedicated IPs are two different types of IP address that replace your real IP address after you connect to a VPN server. Shared IP addresses are used by multiple VPN users simultaneously using the same VPN server. VPNs that provide shared IP addresses tend to be cheaper. However, it’s possible for shared IP addresses to get banned (aka blacklisted) by apps or websites. A dedicated IP address is an IP that is exclusive to your account only. Dedicated IPs provide more anonymous access and reduce the risk of being blacklisted. Dedicated IPs are a premium feature provided by premium VPNs or requiring an extra fee.

VPN audit

A VPN audit is an independent review of a VPN provider’s security and privacy practices. This verifies that the provider adheres to its privacy policies and ensures it meets robust security standards. Reputable VPNs typically do annual VPN audits by engaging external companies with cybersecurity expertise. 3 example auditing companies used by ExpressVPN are Cure53, F-Secure and KPMG.

How do I use a VPN?

To use a VPN, simply follow through a 4 step process. First, choose a VPN provider. Second, purchase a VPN plan. Third, download and install the VPN app on your device. Finally, connect to a VPN server in order to start using it. Follow our detailed step-by-step guide for using a VPN in different scenarios to ensure proper setup and usage.

(Back to top)

VPN Guides and Best VPN Services

What is VPN and how does it protect you from online threats? Check out all curated resources below.

Complimentary Website Consultation

Bitcatcha offers complimentary website consultations for anyone looking to build a website, whether beginner or experienced. We provide advice on website and app development, WordPress setup, web hosting options, and SEO strategies. Please fill up the form below to get in touch. All sessions are conducted in English.

Please enable JavaScript in your browser to complete this form.