Now audits are becoming a trend in the VPN industry. It is because the providers are looking to legitimize their claims, and PureVPN is the latest company that had to undergo an independent audit.
PureVPN recently joined the list of top VPNs. It has proven its no-logs claim as a part of its commitment to delivering robust privacy and security to its customers all around the globe.
The famous security audit company, Altius IT, examined Purevpn logs regarding browser history, connection logs, DNS queries, outgoing traffic, user’s originating IP address, and assigned VPN IP address.
The audit company also tested purevpn’s system log files, network infrastructure documents, and system configurations. After this testing, they officially gave PureVPN a clean chit on their no-logs claims.
Apart from PureVPN, several other VPN providers, such as ExpressVPN and NordVPN, have no-log policies. These service providers keep no records of users’ online activities and ensure their online privacy.
No-Log VPN:
The VPN service provider, after updating their privacy policy to become a zero-log VPN, it received tons of emails, feedback, queries, and support tickets from its customers regarding its internal logging policies.
To verify its claim, the company decides to hire Altius IT to perform an audit of its security systems and privacy policies. After completing the inspection, Altius IT also provided the conclusion to clear the customer’s doubts.
They stated that they didn’t find any evidence of system configurations or service log files that either independently or collectively lead to recognizing a specific person or their activity while they’re using the PureVPN service.
To celebrate the successful audit, PureVPN also offered new users 30% off on any of their plans by using the code ‘’NOLOGVPN’’.
What led to the audit?
The security audit was the result of a court case where a person from Massachusetts was arrested on charges of cyberstalking, against a female roommate and her friends and family members.
The documents from the court indicated that logs provided by PureVPN helped the FBI in prosecution. The question here is how the FBI was working with PureVPN to get these details. The answer is simple; PureVPN logs.
The logs revealed how, within a few seconds, the same VPN IP address had logged into Lin’s real Gmail address, another Gmail address used for some threats, and a Rover.com account Lin created. The VPN was able to link the activity with Lin’s home and work IPs- which won’t be possible if they do not keep any logs.
In light of this event, PureVPN decided to reconsider their privacy policy by clearly mentioning that they keep no Personally Identifiable Information (PII) of their users.
Why PureVPN chose Altius IT?
PureVPN chooses Altius IT because of its 25-year experience for security audits. It is a California-based company that is famous for large-scale consumer internet companies.
They have vast experience with both consumer architectures and internet-scale enterprises. Also, they understand the privacy nuances required by various Internet-scale companies to work in a global setting.
The company’s approach was quite impressive. The team surprised the VPN service provider with their thoroughness with the company principals becoming mystery users, performing audit work, and threat analysis.
The audit company was allowed to access all systems according to their wishes. They looked at almost everything from VPN servers to configurations to system services and APIs. Furthermore, they also looked at the company’s database and then traced the entire data. They did so to make sure that no user-identifiable information was stored.
A zero-log VPN is one that doesn’t have data lying about on its servers that can be handed over to the authorities, especially if they are approached with a warrant. Since PureVPN is a Hong Kong-based VPN, which is non-invasive in terms of surveillance, therefore, it is now regarded as an all-rounder VPN in terms of privacy.
Commitment to Privacy:
PureVPN has a history of being a Customer Driven in everything they do, from their core policies to feature requests and innovations. The same thing has been demonstrated again by their leadership writing to customers, craving for first-hand feedback, and responding to emails.
Their journey from no-browsing logs to zero-log is no different at all. The company remained committed to privacy and thus is being declared as the first-ever service provider that achieves full GDPR compliance by top industry voices.
What’s next in the line?
The company is looking forward to strengthening its commitment to real privacy. Despite being the first company to comply with GDPR and having the most transparent Privacy Policy to present, PureVPN remains the only service provider to have a public paid bug bounty program.
The program has a 90,000+ active community of white hat hackers who are continuously testing and cementing their service. The service providers are striving to deliver more value to millions of subscribers in more than 120 countries who entrust their privacy and security. PureVPN in the future is aiming to become the industry-first ever privacy-conscious company.
Conclusion:
The latest incident clearly explains the importance of choosing a VPN provider you can trust easily. Although most of the VPN providers promise no-logs, it is impossible to run a VPN service without keeping a minimal amount of logging. Thus, be very cautious of this claim.
PureVPN’s decision to become a no-log service provider put it in line with the best VPN providers in the market. Due to the price of PureVPN subscription, it becomes extremely competitive. There is no doubt that it is among the very few services that have significantly improved its service during the past few years. Hopefully, more VPNs might follow the steps of NordVPN, PureVPN, and Vyprvpn. There is no better way to improve the reputation of the VPN industry than to open services to famous third-party audits daily.
