Choosing the right VPN (Virtual Private Network) should be simple and easy.  But dangerous pitfalls can destroy the very anonymity that a VPN is intended to create.  Here are the right questions to ask, and some important things to watch out for.

When you use a VPN, you connect to a server operated by the VPN Company, and it in turn makes all your internet requests on your behalf. Consequently, the internet services you access and the websites you visit see only the IP address of the VPN company's server, not yours: the server you connect to becomes your "exit point".  Most VPNs allow you to select your exit point.  This protects your anonymity, but it can present certain problems. 

 

Diverse exit points

One significant VPN inconvenience has to do with the way many search engines apply geolocation services to your IP address in order to direct you to regional services, often in a language you don't speak.  For example, if you are located in the USA, but you're using a VPN with an exit point in Germany, and you search for something using a search engine such as Bing or Google, you'll most likely be presented with search results in German, and directed to German-language versions of relevant websites.  Depending on the service, switching manually to your own language can be inconvenient.

Worse still are the fraud protection measures taken by banks and financial institutions, utility companies, government agencies and many others, who will look at your "foreign" IP address and decide that you — a perfectly legitimate user — may be setting up to commit a fraudulent act because you are not 'in the country'.

• Tip 1: Look for a VPN service that has exit points in many countries, and at least one in your own country so you can switch to it when accessing critical services with geolocation restrictions.

 

Encrypted connection

When you use a VPN, they provide you with a small piece of communications software to install on your device that intercepts internet requests from every app and directs them through a connection it makes with the VPN service's server. 

When you connect to the internet using WiFi (whether at home or office, and especially when connected to a public WiFi hotspot) anyone in the area with the right equipment can intercept all of your internet traffic.  Although such 'hacking' is relatively rare, it's a lot more common than you might think. 

There's nothing you can do to prevent someone from intercepting the radio waves of WiFi, nor to prevent eavesdropping of your data at any of the intermediate points on the electronic path between your computer and the websites you access, but if you are using a VPN service that encrypts the connection between your server and theirs, all an eavesdropper can get is a meaningless stream of data.

• Tip 2: Look for a VPN service that uses client software (what you install on your device) that encrypts the connection.

 

Anonymous payment methods

If all you want is to protect your digital identity from the websites you visit, and you don't care if the VPN service itself knows who you are, then you can use any payment method you like.  However, if you are interested in genuine anonymity, there's not much point to using a VPN service to anonymize yourself only to pay for it using a credit card that identifies you. 

• Tip 3: Look for a VPN service that offers anonymous payment methods.  These include those that accept international postal money orders, gift cards from Visa, MasterCard and American Express that can be purchased for cash, brand-name gift cards, digital currency such as bitcoins, or simply in cash via snail mail.

 

A Privacy Policy that clearly states they keep no logs

When you use a  VPN service, the websites you visit have no idea who you are unless you tell them, but your VPN does… at a minimum they know your IP address, and if they keep log files, they know every website and service you visit on your connection with them. 

• Tip 4: ONLY use a VPN service that unambiguously states that they keep absolutely no log files. 

As a side point, and just so it's clear: although we are not a VPN per se, we keep absolutely no log files, ever, for any reason.  In fact, we go to great lengths not to have ANY identifying information, and because the Kahuna™ network is inherently anonymous, we also have nothing to log in the first place. See our privacy policy -- it's a good benchmark against which to measure the privacy policies of the VPNs you consider.

 

Do I need a VPN with Merlin?

It depends.  merlin uses the Kahuna™ network, which is inherently anonymous and totally encrypted.  Plus, everything inside Merlin is separately encrypted anyway.  When Merlin communicates with other Merlin users, it connects to a randomly chosen Kahuna™ server, which then relays your encrypted data to other Kahuna™ servers, whereupon the trail back to you is lost. 

However, that first Kahuna™ server your Merlin app contacts does know your IP address.  We don't log it, and we flush it from memory when your session ends or Merlin randomly decides it's time to connect to a different Kahuna™ server, but for that brief period of time the Kahuna™ 'edge node' knows your IP address.  But that's all it knows, it doesn't know the identities or IP addresses of the persons you are communicating with. 

So the mere fact that the edge node your copy of Merlin talks to knows your IP address is pretty meaningless.  But if you want to prevent even that knowledge, you can use a VPN.  Merlin and Kahuna™ have been tested with and routinely run over many different VPNs; it works just fine.

 

What about free VPNs?

Free VPNs sometimes work, but more often than not the service they provide is slow and connections drop frequently (of course, if you're not satisfied, you can always ask for a refund).

• Tip 5:  You get what you pay for.