To become safer online, start with NordVPN — the world’s leading VPN provider.
Earlier this year the damaging news shook the VPN industry when a data-leak revealed that seven Hong Kong-based free VPN service providers have been logging data on their servers, even though promising a no-logs service – you can read more on the issue here.
For a long time, VPNs functioned on a trust basis. Users put faith in their chosen VPN service provider to not store any logs, and transparent providers did their best to live up to the promise of online privacy. However, this is not the case anymore. Over time numerous procedures were developed to ensure the users their service is genuinely logs-free.
At NordVPN user trust and privacy is our paramount mission, and in this article, we’d like to outline the exact steps we’ve taken to ensure our servers are secure, fast, and keep no-logs.
When talking about user privacy and server security, there’s always a lot of configuration involved. It will be discussed later in the article. But there’s one crucial aspect that has little to do with technology – it’s the jurisdiction that a VPN service provider operates in.
Depending on its geographical location, a VPN service provider can be forced to log data by request of the authorities. Moreover, the 14-eyes countries alliance collects and shares information, and any VPN located in one of those can be requested to log and provide logs.
That’s why NordVPN chose Panama as its base of operations. This country is not a member of the 14-eyes alliance and is known as an Eden’s garden for privacy related companies. Which means we are not obliged by any laws to store user-data on our servers and can guarantee user privacy that a no-logs VPN service provides.
One way to secure user privacy is to ensure no data can be stored on the servers in the first place. And one way to do it is to change server infrastructure to RAM-only servers. In simple words, RAM is short-term device memory, it’s much faster than solid-state or hard-disk drives and doesn’t hold data for so long.
In this particular case, it was a perfect solution for our users. Not only do they get a server infrastructure that is unable to log any data by design, but RAM-only servers are also faster than the regular ones, so we moved all of our servers to this structure. Therefore, even if a server got seized, there wouldn’t be any information to extract from it in the first place.
When you’re handling infrastructure of 5400+ servers, the job of administering each and every one of them is no easy task. Providing servers all around the world are necessary to guarantee such important VPN features as access to restricted content, freedom of speech, and right to privacy. However, it poses a challenge of having to deal with numerous server renting companies in various countries, which we carefully selected to provide the service of sufficient quality.
Colocated servers, on the other hand, bypass the need to interact with other business units, and prevent possible third-party failures from happening. Colocated NordVPN servers are owned and managed solely by NordVPN, and we have already launched our first colocated servers in Finland. In the future, we’re planning to move all our servers to colocated ones, which will be secured and cared for by our trusted team of cybersecurity specialists.
VPNs let you bypass geographical restrictions, avoid ISP speed throttling, assure more private browsing, among other use cases. Any one-type of server can’t excel in all of these things, that’s why we have separated and reconfigured some of them to be good at one thing upon users requests.
Right now, users can choose between 5 different types of servers:
P2P servers for fast and private peer-to-peer traffic;
- Obfuscated servers should be used where authorities regulate the use of VPNs;
- Double VPN servers route the traffic through two servers instead of one, maximizing online privacy;
- Onion over VPN servers benefit from additional encryption and the safety of the Onion network;
- And Dedicated IP servers provide a static IP address in need.
How NordVPN servers work
NordVPN servers have been designed to assure user privacy, good connection speeds, and to function with the bare minimum of user data. That’s why authentication servers verify bare minimum user information, such as user’ credentials – that’s how we identify our valid users.
First of all, authentication servers verify the user credentials, check their subscription status, and whether the user has reached the limit of concurrent simultaneous connections. After verification is done the user can connect to one of our servers – both of these processes and communication between devices are encrypted. From this point on, we do not see any online activities, and after the session is done, the data is wiped clean because of RAM-only server structure.
Upon leaving NordVPN server to its destination, the data-flow is decrypted and routed to the Internet through the NAT/Firewall for a secure connection. Furthermore, once the traffic is sent to its target destination, it has an assigned shared IP address, which makes the possibility to trace online activities back to a specific user an extremely difficult task.
Last but not least, we have also cooperated with an independent auditing firm, who audited our servers twice – once in November 2018, once in May 2020 – and verified that NordVPN is a genuinely no-logs VPN service provider.
We hope this clarifies the steps we took to ensure our user privacy.
Create your free account to unlock your custom reading experience.