For the last decade, ExpressVPN has become one of the largest VPN services on the market. Founded back in 2009, they continued to gain popularity over the years thanks to having a hands-on approach to their network infrastructure, all while keeping a very simple interface that even grandma can use. Their service is well rounded in terms of speed and global coverage, and includes additional functionality from Smart DNS servers to custom network router firmware allowing you to connect an unlimited amount of devices. ExpressVPN is not the cheapest subscription available, but they have excellent security. Their customer service and refund policy is also stellar. In this review, I will dig into the pros and cons of this provider, and how well it performs in 2019.
Security and Privacy
Very few VPN companies can claim to add security to the actual infrastructure of their servers. Every step of the way, ExpressVPN has employed proper layers of security to ensure that every connection made between their client and servers remain secure. This includes symmetric data-channel encryption between the app and the servers, perfect forward secrecy, and HMAC authentication. These protocols provide a premium level of security when using a VPN. ExpressVPN also notably patches all their servers within 24 hours of any CVE (Common Vulnerabilities and Exposures) to have been found. Taking it yet a step further, every server can only be used for a maximum of 24 hours before being formatted by ExpressVPN’s automated system. The OS and patches are re-installed before being placed back in service, essentially rebuilding every server once a day. This limits the amount of time any attacker or hacker can try to breach a given server. The company operates their own server hardware infrastructure, but to make the automation possible, and although not consumer facing, their web tools are run on AWS, Amazon’s cloud hosting. Overall, these features alone elevate the security available, as most VPN services currently rent out third-party VPN and DNS servers. For ExpressVPN, the whole service is designed to reduce all risks, including possible breaches and exploits on the servers themselves by limiting the amount of time and data available to attackers.
Having strategically registered their headquarters in the British Virgin Islands, the company does not have any data retention laws to follow. More importantly, ExpressVPN does not keep any activity or connection logs whatsoever. They stand-by not retaining any activity, DNS queries, or user logs of any sort, and have setup their servers to delete any sensitive data related to queries, metadata, IPs, and websites visited. Beyond the minimal crash logs used for troubleshooting and debugging, you can rest assured that none of your activity is logged when using this VPN. Although you need an email address to signup to the service, you can pay using Bitcoin for better billing privacy.
The service offers encryption through the standard protocols ranging from the best option. OpenVPN over UDP or TCP, to SSTP as well as much less secure L2TP and PPTP protocols in case that’s all your device can use. When using the recommended OpenVPN protocol, ExpressVPN employs up-to-date AES-256-bit CBC encryption matched with SHA-514 RSA 4096-bit keys. As mentioned, additional perfect forward secrecy changes keys every time you connect, and symmetric encryption is used to ensure that all connections made between the client and servers also remain encrypted against attackers.
The company also runs their own DNS servers to eliminate the risk of third-party data leaks. The client provides DNS and IPv6 leak protection that is turned on by default. Also turned on by default is a kill switch that can be found under the ‘General’ menu, and is referred to as ‘Network Lock’. A kill switch is an important feature to avoid having your real IP or DNS leak if your VPN server happens to disconnect. This could also lead to having online services detect the usage of a VPN and block you. I like the fact that all leak protection features are on by default, eliminating the risk for new or beginner VPN users.
IP and DNS Leak Test
Together, the team at VPNPick tested and re-tested over 60 different server locations since 2019, and not once did we detect any kind of leak. Over the years, the service continues to pass all data leak testing we throw at it. No matter what service provider I might be using, I regularly run IP, DNS and WebRTC leak tests to make sure the VPN is working the way it should. Therefore even when using a premium service like ExpressVPN, I still test it as soon as I connect to a new server, and I have yet to be disappointed. Great overall security offered through all of their apps. And since IP and DNS leak protection is on by default, new users don’t have to be concerned with turning them on before use.
At this time, ExpressVPN’s network counts more than 3000 servers across some 160 cities in 94 different countries. It’s safe to say they now truly serve a global subscriber base. No matter where you are located, or where you want to connect to, the selection will likely have you covered. Matched with good speeds, you can find a server in the location of your choice and use it for every imaginable application. Streaming Netflix, Hulu, HBO Now using US based servers, or BBC One on UK based servers. Downloading P2P torrents with fast speeds and no bandwidth limits. Or you can simply browse privately with no restrictions. The ExpressVPN app is simple and stripped down to essentials, making it more accessible to all users, newbie and veteran alike. Selecting a server is done through the ‘Recommended’ list for the fastest and most popular options, or you can drill down by continent under the ‘All’ tab. A Split tunneling option is available under the General settings. The Split tunneling allows you to create a list of apps that by-passes the VPN and uses your public internet IP when needed.
The app can be installed on every platform. Client software is available for Windows, Mac, Linux, iOS, Android, Blackberry, and even Amazon Fire TV and Kindle Fire devices. Browser extension tools are also available for Chrome and Firefox, and have been externally audited to better ensure they are safe to use. All versions are quick to install and the interface is simple to use. You can get connected in a matter of seconds from launch. For everything else, a complimentary and very fast Smart DNS service is provided through the website. Simply select the type of device you need to setup, such as an Xbox, Playstation, or Apple TV, and you’re quickly presented with a DNS server IP and a step-by-step graphical tutorial to guide your setup as easily as possible. Smart DNS does not encrypt your traffic, and is not an option for privacy, but if all you need is to unblock geographically restricted content like Hulu or Netflix, the solution is possibly better for you since you don’t loose any bandwidth speed, whereas encrypted servers will reduce your speeds to different degrees.
But what if you want privacy and security across all your devices? In most cases, the only solution is to run a VPN router, but purchasing a pre-configured router from existing options is quite an expensive, and arguably complex process. For beginners who are not familiar with Wi-Fi router firmware modifications, or the firmware options themselves, the learning process to successfully modify and configure your own VPN router can be very daunting. This is why some companies offer pre-configured routers at a cost. Firmware is essentially the software that runs the a piece of hardware, in our case, a Wi-Fi router. This software needs to be changed from the original manufacturer option because they almost always lack the ability to add VPN configurations. However once changed, custom firmware allows you to connect to a VPN server directly at the router level, essentially encrypting all of your internet devices, hard wired, or Wi-Fi connected.
ExpressVPN offers their own custom OpenWRT router firmware for quite a few different Wi-Fi router models. What this means is that you can easily download and update the firmware on your router to ExpressVPN’s custom dashboard, and without having to do any additional configuration, all of the servers will be available for you to use directly on the router, which is accessible through your web browser. The end result is that you can have every single device on your network pass through an encrypted VPN server at the router level, instead of having to use individual apps on your devices. This also allows gaming consoles or non-supported devices to now pass through the VPN server connection as well. And the final advantage, is that you no longer have to worry about any limits on simultaneous devices, since all the devices are simply using a single user slot. Of course, ExpressVPN provides handy tutorials and guides on how to access your router dashboard, install the firmware, and connect to servers of your choice. They even make it easy to access your router, by re-directing expressvpnrouter.com to your local device IP. The biggest advantage is arguably not having to configure the firmware after installing it. It’s all ready to use, and very easy to learn.
Beyond all the security features already covered, the client also provides a built in Speed Test which allows you to test a large number of servers at once. Since the server lists do not provide any additional data, this tool becomes useful to quickly pull average ping times and download speeds. The results provide an excellent reference point for quickly finding the servers that are likely to give you the best speeds. You can choose to test all the available servers, a single continent, or only the recommended server list. Beyond this tool, the app remains very basic, and does not have any additional bells and whistles, however, because all servers act as general purpose, there is no need to have any specific lists or features that would rather be useless to the user. Keep it simple stupid is a good strategy to better cater to wide adoption. Typically, I rather have ping times automatically display without having to run a speed test, but at least the tool works quickly, and I could run through all the servers in the matter of a couple of minutes. It’s also possible to favorite servers to quickly access them later.
Overall speeds remain some of the best available under adequate levels of encryption on OpenVPN. I often found myself attaining better speeds than those shown on the Speed Test tool. For example, in the image above, the fastest servers capped at around 40 Mbps, but when I manually selected servers on speedtest.net, I was able to achieve speeds as high as 70 to 80 Mbps on the same servers. It’s good to remember that all speed tests are relative to the servers available, and you might get better or worse speeds depending on the applications and websites you end up using. Results and mileage will vary depending on your own location, internet connection, as well as server location you will be opting to use, but when comparing ExpressVPN, it remains one of the fastest VPN services I have tested.
Netflix and Streaming Test
If you compare the cost of subscription for ExpressVPN with other competitors, you’ll likely quickly notice that the service costs a few dollars more than most. For starters, a single month costs $12.95, and the yearly typically provide a savings of 35%, bringing the monthly cost down to $8.32. However, VPNPick visitors can benefit from a special offer on the yearly plan by using any of the links on this page or website. An additional 3 months will be added to the yearly subscription, bringing cost down by 49% for an equivalent monthly fee of $6.67. At this rate, the cost most certainly becomes competitive, but best of all, if for any reason you are not satisfied, ExpressVPN has a no questions asked 30-day money back satisfaction guarantee refund policy. This is ample time to test the service for a couple weeks or more, and really determine if it meets your needs before having to commit your hard earned money. Every plan allows up to 5 simultaneous connections, and with the available router firmware, you can use an unlimited number of devices by running a single VPN connection through a compatible network router at no extra cost.
A common denominator for a legitimate service, is great customer support. Available 24 hours a day, and 7 days a week, ExpressVPN support is available to help assist in setting up your devices, or troubleshooting any issue you might encounter when using their service. Support is accessed through a live chat, providing a much faster response than traditional ticketing systems. The website includes a wealth of informative setup guides and tutorials which include images for every step, making the process simpler, even for beginners. The response time for tickets and live chat remains impressive. Along with the company’s strong infrastructure maintenance, you can expect some of the best service possible from the support team. It’s worth saying that the 30-day money back guarantee can be considered stamp of trust and confidence in the service. Most providers have opted to shorten the refund period to 7 days or less. Regardless of your experience, you can always opt out before the end of your first month.
There are over 100 active VPN service providers to choose from at this time, but not many come close to providing a truly secure solution. Although ExpressVPN’s app design is simple, the work the company puts under the hood, running their own servers with tight security is something only the best premium VPNs offer. A solid no log policy, 24 hour server cycles, and regularly patched infrastructure provides some of the best security you can hope for. Complimentary Smart DNS servers for streaming devices like gaming consoles or Apple TV make it possible to unblock geographically restricted content, regardless of what device you use. And if you rather have a VPN on every device, you can try out their own router firmware that makes it easy to connect and change servers directly from your browser. The support team is available at all hours to assist in answering questions you might face with using the service. ExpressVPN also has one of the largest selections of countries and cities all around the world, and with a 30-day no questions asked refund policy, you can test this VPN without risking wasting a single dollar. If you’re looking for the cheapest VPN, there are other choices, but if you want a premium quality service, I highly recommend at least trying ExpressVPN for a few weeks.