ExpressVPN in brief:
- P2P allowed: Yes
- Number of servers: 3,000+
- Number of country locations: 94
- Business location: British Virgin Islands
- Cost: $99.95
- VPN protocol: OpenVPN
- Data encryption: SHA-256
- Data authentication: AES-256-SHA256/AES-256-GCM
- Handshake: 2048-bit RSA
Paying more than $60 for a VPN service is too much. Unless that company is offering a ton of extra features and device compatibility to justify the cost. One company making that gamble is ExpressVPN, which charges nearly $100 per year. I’d still like to see ExpressVPN be up front about who’s behind the company, but you sure get a lot for your annual fee.
On top of the usual VPN connections, ExpressVPN says it works with Netflix in more than two dozen countries (we only tested the U.S. connection), and you can use its smart DNS service to make an Apple TV or gaming console access U.S. media from overseas.
A key change with the latest version of ExpressVPN is that it’s in the process of switching its server configuration to what it calls TrustedServer. These are servers that don’t have a hard drive and run entirely on RAM. The only other service we’ve seen do this is OVPN. Running everything in RAM avoids the possibility of any data logging since there’s nowhere to the write the data to permanently. It also means that data is frequently overwritten and all data is lost when the server reboots. Authorities could employ some forensic techniques to pull limited data off RAM, but it wouldn’t be easy.
Features and services
When you first start up ExpressVPN, it looks similar to its previous incarnation. It still has a simple single-panel interface with an on/off button, and the country selection below it. This version is a little cleaner than the one we looked at in 2017.
Click the hamburger menu in the upper-right corner, and you can get to the options where you can choose your VPN protocol including OpenVPN, L2TP, and PPTP.
There’s also a VPN kill switch, and a split tunneling feature where you can specify which apps will use the VPN.
To get to the country options, you have to click the circular icon on the main dashboard. The country list has two tabs: Recommended and All locations. Under All locations you can find all 94 country locations, while Recommended is a list of good country connections based on your location.
By default, ExpressVPN doesn’t show ping times or server load, but you can use the built-in speed test under the “hamburger” menu icon to see ping times and estimated download speeds for each country. These speed tests happen in a separate window and don’t show up in the main country list. You can, however, connect to the VPN from here.
As we mentioned earlier, ExpressVPN is $99.95 per year, which covers up to five simultaneous device connections and is available on Android, iOS, Kindle Fire, macOS, routers, and Windows. There is also the MediaStream service for Apple TV, Fire TV, PlayStation, and Xbox that lets you view U.S. streaming media from overseas.
Browser extensions from Chrome and Firefox let you control the app from the browser instead of acting as simple browser-only proxy connections.
In our tests, ExpressVPN was very fast. It didn’t hit the top-tier speeds we saw with HotSpot Shield, but it’s in the tier just below that. In our tests, ExpressVPN maintained 55.18 percent of the base speed across five locations worldwide during three separate days of testing. That’s a lot faster than most services we’ve evaluated, and is more than sufficient to accommodate a home user’s online activities.
Privacy, anonymity, and trust
ExpressVPN promises not to log any of your browsing history, or other personal data such as DNS queries, IP addresses, connection timestamps, or session duration. It does keep diagnostic and crash reports, but one thing that I really like is that ExpressVPN’s app on Windows asks you upfront if you want to contribute this data. That’s an excellent approach, which should be standard for all VPNs.
While ExpressVPN doesn’t keep logs on your activity, it does save some data. It logs the version of the ExpressVPN you’re using, successful connection attempts, which VPN location you connected to and from which country. That’s a lot of information; however ExpressVPN says it does not log any IP addresses, neither your original or the one the VPN assigns to you. ExpressVPN also logs the total amount of data transferred in order to kick data hogs off its platform.
That’s all okay, but not great for anyone trying to maximize privacy. The thing that bothers me about ExpressVPN is that it doesn’t publish its business address, nor the names of its CEO or founders. The company does have one person who puts a public face on ExpressVPN, and that’s Harold Li, company vice president.
The company says despite its position on anonymity for the founders (and no business address) it’s working towards greater transparency. It expects to publish third-party audits on its servers and “security posture” in the coming weeks. The company also works with the Center for Democracy and Technology to define trustworthy signals for VPNs.
That’s pretty good stuff, but I’d still like to see more transparency behind who is running the show.
ExpressVPN has a great service. The speeds are phenomenal, the device support is off the charts, and the country locations and number of servers are vast. There is no question in my mind that you get more than enough value for your money. But I really don’t like that its founders and leaders prefer to remain anonymous, and that the company’s business address is not publicly available. As I’ve said many times before, using a VPN is all about trust, and that’s hard to have when you don’t know who you’re trusting.
Ultimately, then, (as with any VPN service) it’s up to you to decide whether or not to trust the company.