Overall Rating 90%Excellent
Pricing and Features
90%Excellent
Privacy
95%Excellent
Security
90%Excellent
Smart DNS
88%Very Good
The Software
85%Very Good
The Windows client
88%Very Good
The Android App
86%Very Good
The Website and Customer Service
90%Excellent
Performance
95%Excellent

ExpressVPN

A US owned company, ExpressVPN is a big name in the VPN market. In some ways, this is understandable, as its privacy policy is decent (if not the best we have ever seen), it encryption good (without being outstanding), its software works well (but lacks bells and whistles), and its performance is better than average (but not blinding). Readers can probably detect a trend here… ExpressVPN is a perfectly OK, decent, average, mid-line provider, but it consistently falls short of blowing our socks off (and it is expensive).

Pricing and Features

90% – Excellent

ExpressVPN offers a simple ‘one size fits all’ plan, starting at $12.95 per month and dropping to $9.99 per month if purchased on a 6 monthly basis.

This is somewhat on the pricey side, especially when the rather limited number of features offered by ExpressVPN are considered, but is somewhat offset by the generous 30-day “no-hassle” money back guarantee, which will provide users with more than enough time to decide if the service meets their needs.

In addition to this, Android users get a 1-day freetrial when they download the app, and iOS users usually receive 7-day free trial courtesy of iTunes (although this depends if the download is available in a given region).

It should be noted, however, that the free mobile trials do not appear to entitle users to a simultaneous free desktop trial (although we were unable to test this due to having used up our free Android trial in the past). For such a high-profile service (matched by a high-profile price), ExpressVPN offers a very stripped-down VPN experience:

  • No browsing logs (but keeps extensive metadata logs)
  • PPTP, L2TP/IPSec, OpenVPN and SSTP protocols (Windows only) – we generally always recommend using OpenVPN whenever possible as it is very secure, although SSTP is also highly secure
  • Android and iOS apps
  • 2 simultaneous connections (1 computer, 1 mobile device)
  • 97+ servers in 78 countries
  • Shared IPs
  • Permits P2P (we think)
  • SmartDNS service

The devil, however, is in the detail. In our view, a basic service is fine if it is done well…

expressvpn-pricing

Alternatives for ExpressVPN

Starts from
$ 9.99 per month
VyprVPN Review
  • Great technical security
  • 3 simultaneous connections
  • Useful extras
  • Great software
  • Great performance
  • No usage logs, but collects a lot of metadata
  • P2P not allowed
  • Liable to US laws
www.goldenfrog.com
Starts from
$ 8.00 per month
NordVPN Review
  • Fantastic privacy policy
  • Smart DNS service
  • Access to over 32 servers in 20 countries
  • Sloooowwww….
  • Only 2 simultaneous connections
  • Some ‘features’ are a bit gimmicky
www.nordvpn.com
Starts from
$ 7.75 per month
AirVPN Review
  • Unbeatable privacy & security
  • Supports VPN over Tor for genuine anonymity
  • Blazingly fast and very stable
  • Not a lot
www.airvpn.org
Starts from
$ 6.99 per month
Cyberghost Review
  • Excellent privacy policy
  • Great free service
  • Servers in 26 countries
  • Can be fast (but this is somewhat inconsistent)
  • Desktop client is rubbish (although the Android app is fine)
www.cyberghostvpn.com

Privacy

95% – Excellent

ExpressVPN states that,

“We are a privacy-focused service and have a strict no logging policy! We do not track or monitor user activities while connected to ExpressVPN. For more details, view the Privacy Policy section in our Terms of Service.”

Looking at its Privacy Policy, however, we feel this statement is somewhat disingenuous. ExpressVPN does not log which websites a customer visits, but it does log a fair amount of metadata, which could be used to identify a user if their internet activity was being tracked on the web:

“We may collect the following information: times when connected to our service, choice of server location, and the total amount of data transferred per day. We store this to be able to deliver the best possible network experience to you. We analyze this information generically and keep the data secure.”

We were fairly sure that ExpressVPN is a US-based company, although the ToS states that,

“This Agreement shall be governed by and construed in accordance with the laws of the British Virgin Islands, excluding its conflicts of law rules.”

We asked support about this, who responded that,

“The corporation is setup under the British Virgin Islands at the moment. The owners of the company are in the U.S.”

As a US owned company, ExpressVPN is subject to government surveillance via FISA and the Patriot Act(even when data is stored overseas). Even if it does abide by British Virgin Islands laws, the British Virgin Islands are a British overseas territory, and therefore no safer from NSA spying (thanks to UK data retention laws and the NSA’s best buddy – GCHQ).

On the plus side, ExpressVPN does accept payment via Bitcoin. This means that if the correct measuresare taken, then users can add an addition layer of privacy by paying anonymously. However, the fact that ExpressVPN keeps metadata logs does mean that it may be able to tie internet behaviour to a real IP address.

Similarly, we like the fact that the only personal information asked during sign-up is an email address (and there is nothing to prevent the use of a disposable email account for this), but the problem remains that users’ IP addresses are logged. That said, the use of shared IP’s (see below) does considerably reduce the impact of this issue.

As far as P2P downloading is concerned, our understanding is (and we could be wrong here, but there is no easy way to verify the situation), ExpressVPN is tacitly ok with it, but prefers not to discuss the subject (for obvious reasons).

 

Security

90% – Excellent

ExpressVPN uses 256-bit AES OpenVPN encryption, which is good, although the SHA256 hash authentication is less impressive. Support declined to mention the key encryption/handshake used, so we presume it is the rather average OpenVPN standard RSA-2048. L2TP and SSTP encryption is also described as being 256 (more on SSTP later).

We stress that there is nothing wrong with this, and it should be secure against almost any form of attack, but we nevertheless find it uninspiring in these post-Snowden days where we know the lengths to which the NSA has gone to undermine international encryption standards. Having said that, given the amount of metadata it logs, together with it basically being a US company, ExpressVPN is not a provider for the more NSA-paranoid anyway.

Instead of relying on the usual username/password to authenticate users, ExpressVPN uses certificate based authentication for OpenVPN connections (generated at sign-up). This removes the problem of users’ choosing weak passwords, but as it is used instead of a username/password authentication rather than in addition to it, provides no additional security through 2 factor authentication.

ExpressVPN uses shared IP addresses, which makes it difficult to determine which one of many users of an IP address is responsible for any given internet activity, and goes some way towards addressing the problem of keeping detailed metadata logs.

We do note that ExpressVPN declined to take part in TorrentFreak’s Which VPN Services Take Your Anonymity Seriously? survey, but leave readers to make of that what they may.

Smart DNS

88% – Very Good

Something that is not very well advertised (in fact it only became clear once we had signed up for an account) is that ExpresVPN offers a Smart DNS service. This means that instead of relying on your ISP’s servers to convert long-form web addresses (e.g. www. cloudwards.net) into the numerical IP addresses that computers use (e.g. 198.74.53.57), ExpressVPN can do it instead.

Because this process is carried out by a US-based server, users’ apparent geolocation is in the US, making Smart DNS ideal for streaming geo-restricted media content. Because there are no encryption overheads involved, Smart DNS is much faster than VPN, which means less buffering issues when watching US TV shows.

It also means that many devices such as the Apple TV and PS4, which cannot run VPN software, can be configured to evade geo-restriction barriers.

The Software

85% – Very Good

A custom VPN client is available for Windows and Mac OSX desktop machines, while mobile apps are available for Android (4+) and iOS devices. The desktop and Android apps support OpenVPN, while the iOS app relies on L2TP/IPSec.

OpenVPN setup files are provided for Linux and routers, while PPTP and L2TP/IPSec instructions are provided for legacy devices. In addition to summary guides, detailed setup guides, complete with screenshots, are available for all platforms.

Smart DNS setup guides are available for Apple TV and PlayStation 4 (it should be easy to use these guides to setup other devices such as Smart TVs).

The Windows client

88% – Very Good

The client offers the following features:

  • DNS leak protection – a VPN provider should resolve DNS requests when connected, but sometimes computers revert to their default settings, which can reveal a user’s true IP address (see here for more details). DNS leak protection prevents this
  • Switch between VPN protocols – UDP and TCP are variants of the OpenVPN protocol. To cut a long story short, TCP is faster, while UDP is more stable. Unless users experience connection problems, it is usually recommended they stick with TCP
  • SSTP – a (mainly) Windows-only VPN protocol, SSTP provides a similar level of security to OpenVPN. The main advantage of this proprietary Microsoft standard is that is uses TCP port 443 by default, which is the same port used by regular HTTPS traffic. Because HTTPS is a major backbone of security on the internet (it is the protocol used by every https:// website), blocking it effectively ‘breaks’ the internet, and so very rarely happens. This makes SSTP ideal for evading censorship, such as that practiced in China or Iran. It should be noted that OpenVPN can also be configured to use TCP port 443, although this must be done manually, and ExpressVPN provides no support for doing so
  • Built-in speed test – this can help when choosing the best server to connect to

The built-in latency (ping), download speed, and “speed index” tests to find the fastest servers would be a great feature, except that they consistently failed when we ran them…

DNS leak protection is nice, but the client is otherwise fairly plain vanilla. It does, however, do its job just fine.

expressvpn-client
ExpressVPN Client
expressvpn-clinet-settings
ExpressVPN Client Settings
expressvpn-latency-tests
ExpressVPN Latency Tests

The Android App

86% – Very Good

As with the desktop client, the Android app is a fairly simple affair, but it gets the job done without any fuss.

 

expressvpn-android-servers
Server selection is straightforward
expressvpn-android-connected
The whole thing is very no-frills
expressvpn-android-settings
Options are very basic, although the app does offer some advice on which server to connect to etc.

The Website and Customer Service

90% – Excellent

The ExpressVPN website looks smart, and information is easy to find. However, this information (such as that contained in the FAQ) is aimed very much at the VPN novice, and to get any kind of technical details we had to contact support…

Fortunately, this was very easy to do through the Live Chat app, and we were pleased to find the responses friendly and informative. Support is also available via direct email or a ticket system.

One thing to note is that when paying via PayPal (and possibly other means), billing is automated each month, so users planning on stopping their subscription will need to cancel this payment manually.

Performance

95% – Excellent

We tested speed performance using the HTML5-based Testmy.net tests, using its UK server on our 20MB/s download – 1MB/s upload UK connection.

These results are OK, but do not exactly set our world on fire. We also checked for DNS leaks, but did not find any problems.

expressvpn-speed-no-vpn
No VPN
expressvpn-speed-uk
With VPN to UK server closest to us
expressvpn-nl
We likes us a bit of P2P downloading sometimes, so we decided to also test speeds when connected to ExpressVPN’s server in Amsterdam

Conclusion

There is nothing majorly wrong with ExpressVPN. As long as the NSA is not a major concern, its privacy policies and technical security are absolutely fine for most users, and it performance, while not amazing, is average or better for a VPN service. As such, and despite being on the decidedly pricier end of the spectrum, we can quite happily recommend the service. While at the same time noting that better services are available for less outlay.

Alternatives for ExpressVPN

Starts from
$ 9.99 per month
Torguard Review
  • Great for privacy
  • Up to 5 simultaneous connections
  • Stealth servers and SHH tunnelling
  • Good android app
  • Good performance
  • 128-bit blowfish encryption on most severs (although 256-bit encryption is available)
www.torguard.net
Starts from
$ 10.00 per month
IPVanish Review
  • Good for privacy and security
  • Android app
  • Based in US
  • Software is simply functional
  • Abysmal support
www.ipvanish.com
Starts from
$ 6.95 per month
Private Internet Access Review
  • Great privacy and security
  • Fantastic Windows client
  • Very fast
  • Fantastic value for money
  • OSX Mac client not so good
  • Based in US
www.privateinternetaccess.com

ExpressVPN Review

Fast VPN with excellent privacy settings

ExpressVPN is one of the best VPNs in our reviews. Both fast and secure, it allows users to unblock Netflix and other services and surf the web anonymously.
Starts from
$ 12.95 per month
Visit ExpressVPN
Starts from
$ 12.95 per month
Visit ExpressVPN
  • Servers in 78 countries
  • SmartDNS
  • Android and iOS apps
  • Great customer service
  • No usage logs, but collects a lot of metadata
  • Based in US
www.expressvpn.com