Vypr VPN has been one of the most popular VPN services of the past, and when it comes to user data retention and logging periods, the service has been very cautious and privacy-minded. Because of some inadequate media coverage, Golden Frog, the developer of VyprVPN, decided to turn their service into a completely no-log service.
The main reason behind this thinking was that this change would help them to stand out against any other VPN provider service. Secondly, this would also strengthen their stance on user privacy.
However, claiming something doesn’t is 100% confirmed in the VPN world. Win the trust of users is difficult to win. No one believes and falls victim to various marketing strategies. It is because it has been proven groundless in the VPN field several times in the past.
To modify its no-log policy, the company logged and retained the data for 30 days:
- Vypr VPN’s IP address is given to the user.
- User’s source IP address
- Starting and ending times of the Total connection
- Number of bytes used
What led to making the change to No Log?
The company, for the past few years, has received significant feedback from its customers so the Policy Partners and the VPN market that any amount of activity logging by a VPN provider erodes trust itself in the VPN service.
However, the tipping point was when Wirecutter published a review regarding the best VPN service, and it didn’t include VyprVPN.
It was the turning point when the company felt that they have always fought to protect users’ privacy, and their minimal logging policy becomes the reason for exclusion from the review.
Is this a marketing campaign?
The company has been incredibly vocal regarding VPN providers who promised complete anonymity or a no-log VPN service but turned over user data to authorities. The company has serious and legitimate concerns about new entrants in the VPN industry, which promise privacy but deliver the entire opposite while leaving customers none the wiser.
Moreover, the company also feared that trust in VPNs was grinding down, and if people can’t trust a VPN to protect them, then they won’t use encryption at all. This encourages the feeling that decisive action is needed.
In this regard, Golden Frog decided to partner with the Center for Democracy and Technology during the previous year, to create a report that acts as a platform for users to understand what signifies a reliable and trustworthy VPN.
The prime reason behind creating a report on the ‘Signals of Trustworthy VPNs’ was so, users could have a better understanding regarding what questions to ask of their VPN Provider. It was a good start, and Vypr VPN encourages other VPN provider companies to answer such questions for the sake of their customers.
How to challenge the VPN industry?
When Vypr VPN decided to become a No Log VPN so, they wanted to do something to build the trust of their users than just updating their privacy and website with No Log language. They tried to change the conversation and challenge the VPN industry.
For this reason, a decision was made, and under this decision, they hire a reputed and independent auditor to validate that when they say ‘No Log’ so, users can easily trust and doesn’t leave wondering if they are yet another VPN provider who promises something and doesn’t obey it.
After thorough research, the company hired Leviathan Security to perform an independent audit to ensure that no Personally Identifiable Information (PII) is collected concerning the use of the Vypr VPN service.
Golden Frog also provides details on what they did, highlighting changes in their app code to make sure that logs that are retained in the device and the OS are securely handled and by the user’s consent. Furthermore, they have spent a great deal of time while modifying their VPN authentication, API servers, making extreme logging route changes across the entire suite of their backend software, and ensures that accidental logging incidents won’t occur.
Their application developers also get involved in this. They audited their apps and provided updated versions, which assures that the application maintained any logs on the device, or the OS is sent with the user’s consent.
All of this was verified by Leviathan, who also provided Golden Frog with some future recommendations to plan how to monitor their services for regressions, allowing them to maintain and further develop their Vyprvpn privacy-driven framework. The technical team also spent time making this happen, and this implies that it isn’t any marketing campaign at all.
The results of the investigation report indicate that Golden Frog worked to remediate all no-log-related findings alongside with the assessment, and once this had been finished their retesting sessions verified that all the fixes were effective. Leviathan Security publicly asserts that Vypr VPN is 100% no-log VPN service platform.
Golden Frog understands that all these partnership-based audits might not be enough to encourage some users. But they promote practices of such kinds as the only best possible solution to make certain the marketing claims. For this reason, they hope that their new Vyprvpn product can act as an ideal example in the nasty and unreliable world of VPN services.