How Do VPNs Work?


More and more people are using a Virtual Private Network (VPN) to ensure online privacy — and for good reasons.

Internet Service Providers (ISPs) selling customer data; hackers stealing personal information over public Wi-FI; geographical restrictions on online content — a VPN can solve all these problems and more.

But while VPNs can increase online security, using a VPN is not a decision to be taken lightly. It’s crucial to understand how VPNs work, as choosing the wrong VPN service could be a security disaster. 

This article will explore questions such as:

  • What is a VPN?
  • What can a VPN do?
  • How does a VPN work?
  • Are VPNs legal?
  • Are VPNs safe?
  • Which are the best VPN services?

What Is a VPN?

A VPN allows two or more devices to securely share private data over a public network.

VPNs originally developed for use in businesses and organizations. A VPN can allow employees to remotely connect to their office network, providing secure access to resources; or directly connect to colleagues, ensuring their conversations are private.

Nowadays, VPNs are frequently used by consumers. This commercial use of VPNs is the type of VPN we’ll be discussing in this article.

A VPN can provide a more private and secure connection to the internet. 

A user’s network traffic (information transferred to and from their device) flows through the VPN provider’s server. The VPN keeps the user’s online activity private and disguises their identity.

Why Use a VPN?

There are many reasons people use VPNs. We’ll look at three of the most common.

Safely Using Public Wi-Fi Networks

It’s convenient to use public Wi-Fi hotspots at coffee shops, shopping malls, or on public transport. But using public Wi-Fi networks can present a serious security risk.

  • When a person connects to a public Wi-Fi network, other users on the network can spy on their internet activity. 
  • Cybercriminals can use public Wi-Fi to conduct man-in-the-middle attacks.” A malicious actor can intercept private a person’s communications and trick them into giving up personal information.
  • Public Wi-Fi networks can be fake — using a fake public Wi-Fi network to extract people’s passwords and credit card details is a common type of “phishing” scam.

Using a VPN when connected to public Wi-Fi can prevent these sorts of dangers. 

A VPN sets up a private connection to a remote server. This means that all a user’s network traffic is routed through the server and is much more difficult to intercept.

Because of how a VPN masks a user’s private data, any information they sent over a public network will be meaningless even it is intercepted.

Accessing Restricted Content

Websites and online services can identify where their users are located. By using a VPN, a person can make it appear as though they accessing the internet from another location (known as “location spoofing”).

For example, if a person accesses the internet in France, a VPN connection can make it appear as though they are accessing the internet from the United States.

Location spoofing can be useful because certain websites and online services are unavailable in some countries. Others, such as Netflix and Hulu, restrict certain content in certain regions.

A VPN can enable access to location-restricted content, such as TV shows or live streams that have not been published or broadcast in the user’s home country. And VPNs are also used to circumvent restrictions in countries with strict internet censorship laws.

Ensuring Privacy

It’s not too much of an exaggeration to say that Internet Service Providers (ISPs) can spy on their customers. 

ISPs can view their customers’ internet activity and derive meaningful data from this — for example, which websites they visit and who they communicate with. 

In some countries, ISPs are legally required to log their customers’ internet activity. For example, in the United Kingdom, ISPs must retain logs of their users’ internet activity for 12 months in case the Government wants to access it.

ISPs can also collect data about their customers’ internet activity for commercial reasons. In the United States, ISPs can sell data about its customers’ browsing history and location data to third-party marketing companies.

Moreover — ISPs can, in theory, view the actual contents of unencrypted web traffic. Most websites and messaging services now use secure methods to send and receive data, but many do not.

A VPN disguises a user’s location and the nature of the websites and online services they access. A VPN also ensures that all web traffic flowing to and from a user’s device is kept private. This prevents ISPs — or anyone else — from spying on their web activity.

How Does a VPN Work?

The basic function of a VPN is to allow a user to connect to a private network over a public connection. Most VPN providers also encrypt network traffic and disguise a user’s IP address and location.

How Do VPNs Keep Data Private?

When a user sends data from a VPN client (e.g., a desktop, laptop, or mobile device that’s connected to a VPN), the following process occurs: 

  1. The data breaks up into small “packets.”
  2. The packets of data are “encrypted.” Encryption means the information is scrambled so it can’t be read without permission. This ensures the user’s data remains private, even if it’s intercepted.
  3. Each packet is “encapsulated.” This involves surrounding the private data with public data so it passes through the network unrecognized. This is known as “tunneling.”
  4. The data arrives at its destination at the end of the VPN tunnel. That destination is a VPN server hosted by the VPN provider. The data is decrypted and sent to the appropriate resource (e.g. website server, email server, etc.).
  5. The internet resource responds by sending data (contents of a website or whatever other data the user has requested) back to the VPN provider’s server.
  6. The data is encrypted, encapsulated, and sent back through the tunnel.
  7. The data arrives at the user’s device and is decrypted.

How Do VPNs Disguise User Location?

A VPN can make it seem like a user is located thousands of miles from their physical location. It does this by changing the user’s IP address.

An IP address is a string of characters assigned to a device, either permanently (a “static” IP address) or for a session (a “dynamic” IP address). An IP address reveals a user’s location to their Internet Service Provider, online services they interact with, and websites they visit.

VPN providers provide servers in various locations around the world. Users can choose the location to which they wish to connect. Their device will then send and receive data through the VPN server via the tunneling process described above.

While connected to the VPN provider’s server, the user will be assigned an IP address generated by that server. It will appear as though their network traffic is originating from that server’s location, rather than the user’s physical location.

What Is a VPN Protocol?

There are several methods of routing traffic through a VPN, known as “protocols.” 

Here are four of the major VPN protocols:

  • OpenVPN — A widely-used open-source VPN protocol. OpenVPN is highly secure, but also quite slow. 
  • Layer 2 Tunneling Protocol (L2TP)/Internet Protocol Security (IPSec) — Faster than OpenVPN, but can be blocked more easily.
  • Secure Socket Tunneling Protocol (SSTP) — Microsoft-owned protocol that’s highly secure (if you trust Microsoft).
  • Point-to-Point Tunneling Protocol (PPTP) — Early implementation of VPN technology that is now obsolete.

Different VPN services use different VPN protocols, and they each have their advantages and disadvantages (except PPTP — avoid PPTP).

How Do I Use a VPN?

VPNs can be accessed anonymously, or by registering with a premium or free VPN provider.

Subscribers can turn their VPN connection on and off whenever they need it — on either a public or home network. They can do this via a desktop VPN app, smartphone VPN app, or browser extension. 

Are VPNs Legal?

VPNs are legal in most places, including:

  • United States
  • United Kingdom
  • Canada
  • Australia
  • New Zealand
  • The whole of the EU
  • Most of Latin America
  • Most of Africa
  • Most of South and South-East Asia

Some countries have either banned VPNs outright, or taken measures to stop their citizens from using them, including:

Even if it is not explicitly illegal, it might not be advisable to use VPN any country with harsh internet censorship laws or intrusive state surveillance practices.

Are VPNs Safe?

People use VPNs to shield their internet activity from their ISP or advertisers such as Google. VPNs can help protect a person’s network traffic being intercepted while using public internet connections. This means using a VPN can be safer than not using one.

However, the user’s network traffic doesn’t just disappear — it gets routed through the VPN provider’s servers. This means that their data is, by design, being “intercepted” by the VPN provider.

With this in mind, it’s important to ask: Is a VPN a safe option?

In theory, a connection to a VPN could be unsafe. A fake or malicious VPN provider could access and record its users’ private activity.

That’s why it’s crucial only to use a reputable VPN provider

The VPN industry is highly competitive, and the major VPN companies pride themselves on their reputations for respecting user privacy. Any evidence that a VPN brand was spying on its users would result in a huge loss of users and revenue.

Before committing to a VPN provider, it’s important to do sufficient research to ensure that it’s legitimate.

Will a VPN Slow Down My Internet Connection?

Using a VPN routes network traffic through a remote server, meaning it takes a less direct route from a device to the relevant internet resource. This can slow down internet speeds.

There are several factors that determine connection speed over a VPN:

  • Distance from VPN server — The closer the VPN provider’s server is to the device, the quicker the connection will be.
  • Type of VPN protocol.
  • Bandwidth limits — Some VPN providers “throttle” users’ connections when they’re engaged in certain activities, such are streaming video or downloading torrents.

Using a VPN is not likely to noticeably slow down most activities, but can sometimes cut speeds by between 10 and 50%.

Check out our Guide to Internet Speed


Can I Watch Netflix Using a VPN?

IP spoofing technology lets users access geographically-restricted content. This means it’s possible, in theory, to watch the US version of Netflix in Japan — or the Japanese version of Netflix in the US.

However, accessing geographically-restricted content goes against Netflix’s Terms & Conditions. And Netflix takes steps to prevent this sort of activity. 

VPN providers and Netflix are engaged in a game of cat-and-mouse — Netflix blocks the IP addresses associated with VPN providers’ servers, and VPN providers set up new servers to get around this.

For this reason, it’s hard to say whether a given VPN service will be able to access Netflix at any given time. However, using a popular VPN service with a large number of servers gives the best possible chance.

What Is a Good VPN Service?

There are many VPN providers available, but some offer a different service from others. 

We’re going to explore some of the best secure VPN brands to see what they offer. Each product is unique, but they all have the following three things in common:

  • Unlimited data — These VPN services won’t limit the amount of data you route through their servers.
  • No activity logs — None of the VPNs on our list will record your online activity.
  • Multi-platform compatibility — Each of the VPNs listed is available on Android, iPhone, Linux, Mac, and Windows operating systems.


  • Easy-to-use interface to VPN first-timers.
  • Connect up to 5 devices.
  • Servers in 94 different countries.
  • TrustedServer technology — For added privacy, server data is never written to a hard drive.


  • Browser extensions for Chrome and Firefox.
  • Connect up to 6 devices.
  • 5,147 servers across 59 countries.
  • Double VPN — User data is encrypted twice for added security.
  • CyberSec security suite — Blocks ads, malware, and cyberattacks.


  • Connect up to 10 devices.
  • Over 1,300 servers across more than 75 locations.
  • Over 40,000 shared IPs.
  • Claims to be the world’s fastest VPN.

Cyberghost VPN

  • Connect up to 7 devices.
  • Over 5600 servers across 82 countries.
  • DNS and IP Leak Protection — Minimize the chance that your online activity is detected by your ISP.
  • Advanced customizable security settings.


  • Browser extensions for Chrome and Firefox.
  • Connect up to 5 devices.
  • Over 2000 servers across 180 locations.
  • Dedicated VPN app for Smart TVs.
  • Port Forwarding — Optional add-on for the extra protection against hackers.