VyprVPN No-Log Audit Report

Vypr VPN has been one of the most popular VPN services of the past, and when it comes to user data retention and logging periods, the service had been very cautious and privacy-minded. Because of some inadequate media coverage, Golden Frog, the developer of Vypr VPN decided to turn their service into completely no-log service.

 The main reason behind this thinking was that this change would help them to stand out against any other VPN provider service. Secondly, this would also strengthen their stance on user privacy.

However, claiming something doesn’t its 100% confirmed in the VPN world. To win the trust of users is difficult to win. No one believes and falls victim to various marketing strategies. It is because it has been proven groundless in the VPN field several times in the past. 

To modify its no-log policy, the company logged and retained the data for 30 days: 

  • Vypr VPN’s IP address given to the user. 
  • User’s source IP address 
  • Starting and ending times of the Total connection
  • Number of bytes used

What led to making the change to No Log? 

The company for the past few years received significant feedback from their customers so, the Policy Partners and the VPN market that any amount of activity logging by a VPN provider erodes trust itself in the VPN service. 

However, the tipping point was when Wirecutter published a review regarding the best VPN service, and it doesn’t include VyprVPN.

 It was the turning point when the company felt that they have always fought to protect user’s privacy, and their minimal logging policy becomes the reason for exclusion from the review.

Is this a marketing campaign? 

The company has been incredibly vocal regarding VPN providers who promised complete anonymity or a no-log VPN service but turning over user data to authorities. The company has serious and legitimate concerns about new entrants in the VPN industry, which promise privacy but deliver entire opposite while leaving customers none the wiser. 

Moreover, the company also feared that trust in VPNs was grinding down, and if people can’t trust a VPN to protect them then they won’t use encryption at all. This encourages the felt that decisive action was needed. 

In this regard, Golden Frog decided to partner with the Center for Democracy and Technology during the previous year, to create a report that acts as a platform for users to understand what signifies a reliable and trustworthy VPN.

The prime reason behind creating a report on the ‘Signals of Trustworthy VPNs’ was that so, users could have a better understanding regarding what questions to ask of their VPN Provider. It was a good start, and Vypr VPN encourages other VPN providers companies to answer such questions for the sake of their customers.

How to challenge the VPN industry?

When Vypr VPN decided to become a No Log VPN so, they wanted to do something to build the trust of their users than just updating their privacy and website with No Log language. They tried to change the conversation and challenge the VPN industry. 

For this reason, a decision was made, and under this decision, they hire a reputed and independent auditor to validate that when they say ‘No Log’ so, users can easily trust and doesn’t leave wondering if they are yet another VPN provider who promises something and doesn’t obey it. 

After thorough research, the company hired Leviathan Security for performing an independent audit to ensure that no Personally Identifiable Information (PII) is collected, concerning the use of the Vypr VPN service.

Golden Frog also provides details on what they did, highlighting changes in their app code to make sure that logs that are retained in the device and the OS are securely handled and by the users consent. Furthermore, they have spent a great deal of time while modifying their VPN authentication, API servers, making extreme logging route changes across the entire suite of their backend software, and ensures that accidental logging incidents won’t occur.

Their application developers also get involved in this. They audited their apps and provided updated versions, which assures that any logs on the device were maintained by the application, or the OS is sent with the user’s consent. 

All of this was verified by Leviathan, who also provided Golden Frog some future recommendations to plan how to monitor their services for regressions, allowing them to maintain and further develop their Vyprvpn privacy-driven framework. The technical team also spent time making this happen, and this implies that it isn’t any marketing campaign at all.

The results of the investigation report indicates that Golden Frog worked to remediate all no-log related findings alongside with the assessment, and once this had been finished their retesting sessions verified that all the fixes were effective. Leviathan Security publicly asserts that Vypr VPN is 100% no-log VPN service platform.

Final Thoughts:

Golden Frog understands that all these partnership-based audits might not be enough to encourage some users. But they promote practices of such kinds as the only best possible solution to make certain the marketing claims. For this reason, they hope that their new Vyprvpn product can act as an ideal example in the nasty and unreliable world of VPN services.