NordVPN Review: Feature-rich but Transparency and Privacy Issues to Address

This top-tier VPN still has a lot of room for improvement.


 One of the biggest players in the virtual private network industry, NordVPN appears to hit all the right notes in providing a service that offers everything a customer would want. NordVPN is super fast, packed with useful features, and it’s a breeze to use. It’s based in a privacy-friendly jurisdiction and offers all the standard security and privacy features users should expect from a quality VPN, plus a handful of extras like double-hop VPN and Onion over VPN. And it’s pretty affordable for how much it can do, even if it’s not the cheapest VPN out there.

From a distance, NordVPN almost looks like the perfect VPN. But with a little digging, we uncovered some pretty major cracks in the facade, particularly when it comes to privacy and transparency. Most notably, we found that NordVPN routes some user traffic through residential IP addresses supplied by a company with a questionable history. The company’s overall efforts at transparency also leave quite a lot to be desired.

There’s a lot that’s good about this VPN, and it really is a great option for casual VPN users who just want to unblock content or hide their activity from their ISPs. But for VPN users whose online privacy is absolutely critical, there’s too much uncertainty and obscurity surrounding NordVPN to warrant an enthusiastic recommendation.
Read Also: best-vpns-tested-and-rated-by-our-experts/

When you sign on with a VPN provider, you’re putting a lot of faith in that VPN’s promise to protect your data and keep you safe and secure online. NordVPN’s no-logs claims and multiple security audits are a good start but aren’t enough when the company offers nothing in the way of an annual transparency report and is cagey about its partnerships and corporate structure. If NordVPN expects to remain a top player in the VPN industry and in the online privacy space in general, the company should reassess how it approaches transparency.


  • Among the fastest VPNs
  • Tons of features
  • Diskless RAM-only server infrastructure
  • Solid encryption


  • No transparency reports
  • Ambiguous corporate structure
  • Only six simultaneous connections allowed

Speed: The second-fastest VPN we’ve tested

  • Average speed loss of 13% in summer 2022 speed tests
  • Number of servers: 5,400-plus
  • Number of server locations: 59

Our latest test of NordVPN speed tests over three days in August and July and were extremely impressed by the way in which the VPN service’s speed improved from previous tests that were conducted in the year 2020. In those tests, NordVPN registered an average 53% decrease in speed — which is at similar to the amount of speed VPN users are typically expected to lose when using the use of a VPN connection. Yet, NordVPN only slowed our regular internet speeds by 13% during our most recent test. It’s among the fastest VPNs we’ve tried so far and puts it in the second spot ahead of ExpressVPN that registered just a tiny 2percent speed drop in April.

We examined NordVPN’s speed when connected to its servers using OpenVPN through OpenVPN in New York, the UK, Australia, France, Germany and Singapore. The average speed of our internet without the VPN was 368.07 Mbps. The average speed was 321.28 Mbps in our tests while connected via NordVPN servers.

Connecting via New York — the closest server close to where we live– NordVPN recorded an average of 343.12 Mbps. This was slightly surprising, considering that we got better results in connection to servers further away in the UK (351.41 Mbps) and Europe (345.70 Mbps). It is true that New York is a place that regularly sees a lot of VPN traffic, and therefore the server’s load could have played an impact in the slow speeds. In contrast to other VPNs like IPVanish the NordVPN VPN doesn’t offer an up-to-date view of the load currently being experienced on any server, which means it’s impossible to connect manually to the server that is experiencing the lowest load if you would like to increase the speed of your VPN. The speeds we experienced via NordVPN’s servers in Australia and Singapore which is as you’d expect — were the slowest, at 260.81 respectively. 305.34 speeds, respectively.

Overall We discovered that NordVPN’s speed to be extremely steady throughout our tests. There weren’t any noticeable speeds that you may encounter with other service providers.

It would be great to have NordVPN grow its comparatively small network of 59 servers. While it’s certainly not the largest network, it isn’t as big of other leading players in the industry, like ExpressVPN (94 countries) and Surfshark (95 countries). The presence of more servers in different places can help ensure that users have servers near to their location and also help reduce the burden on serversand both can increase overall speeds.

We also tested speeds using NordLynx which is NordVPN’s own WireGuard-based protocol that it claims is the fastest protocol they offer to test how those speeds compare against speeds we got through OpenVPN. However, when we connected using it using the NordLynx protocol, we saw speeds about 50 Mbps lower in all areas than the speeds we received through OpenVPN. We would recommend OpenVPN regardless, since it’s the standard bearer for VPN protocols and has a perfect combination between speed and security So, seeing faster speeds using this OpenVPN protocols was quite a pleasant surprise.

Cost: Decent introductory prices spike after initial term

  • Price is The first 2 years are $79, or $60 that first year (then $100 per year thereafter) or $12 per month
  • Payment options available: Credit/Debit Card, AmazonPay, Google Pay, ACH Transfer, Cryptocurrency, Cash (via the retail store)
  • Money-back guarantee: 30 days
  • Apps available on: Windows, MacOS, Linux, Android, iOS, Android TV, Fire TV

Pricing for VPNs has become increasingly complicated over the last few years and NordVPN isn’t an exception. The VPN has joined the bandwagon by offering lower initial prices, which increase dramatically following the first year that the membership.

NordVPN offers three different pricing options to choose from. It is possible to sign for a two-year contract which costs $79 for the initial two years of service or a yearly plan which cost $60 the very first year, or a monthly plan which costs you $12 per month. After the initial two years with the two-year plan as well as one year with the annual plan, the introductory rates rise to $100 annually for the following years of service. We wouldn’t recommend locking yourself in with one provider for more than one year at time. time however, due to the constantly changing environment of the VPN market. The monthly subscription is still at $12 each month, for both the initial and subsequent months of service you have on the plan and will amount to $144 per year.

NordVPN does not accept PayPal payments, however it is possible to purchase an account using any major debit or credit card. This includes AmazonPay, Google Pay or ACH transfer. If you prefer to pay in a secure manner it is possible to pay using several cryptocurrencies like bitcoin, ethereum, Tether and dogecoin. NordVPN is also in partnership with a few retailers like Staples, BestBuy and Walmart where you can buy your VPN using cash.

Platforms, streaming, and customer service

The apps are available for Windows, MacOS, Linux, Android, iOS, Android TV, and Fire TV — and you can be connected to VPN through the browser extension that work with Chrome, Firefox and Edge. You can be able to connect to up to six devices at the same time by using just one NordVPN subscription. This is greater than three up to 5 simultaneous connection provided by the majority of VPN providers. In case you’d prefer to secure all your network via only one connection or utilize the VPN for the smart television as well as gaming console it is possible to install NordVPN on your capable router by following the router instruction.

We were not able to block streaming websites like Netflix, Disney Plus and Amazon Prime Video when connected to NordVPN’s US servers.

Support is available 24 hours a day via live chat or via online ticket system for emails. Live chat support from NordVPN can assist you with any general queries however, for any questions beyond this, you’ll need talk to a customer support representative. If you’re a paid customer and have a paid account, you’ll be able to access the first-rate chat support. If you’d prefer to investigate yourself, NordVPN’s Support Center is full of various questions, troubleshooting and setup guides as well as general information.

If you’re unhappy with the service , for any reason NordVPN gives you a thirty-day refund assurance.

Privacy and security: excellent encryption however, red flags do abound

  • Jurisdictions: Panama (potentially others)
  • Security: AES 256-bit, Perfect Forward Secrecy, RAM-only Server infrastructure
  • No annual reports on transparency
  • Important transparency issues with the ownership structure

One of the main points of NordVPN’s appeal to customers is the range of privacy and security features it provides. Alongside regular features such as DNS leak detection and kill switches NordVPN provides double-hop VPN connections as well as obfuscated servers, and Tor-over VPN. With additional benefits such as Dark Web Monitoring and Threat Protection, NordVPN is joining a larger trend among VPNs with its security tools for non-VPN users.

NordVPN’s brand-new Threat Protection option available for Mac and Windows devices aims to provide an all-in-one security tool against malicious websites and malware as well as blocking advertisements and trackers.

“Basically the way we work is scan every file in the device you’re using,” NordVPN developer Vykintas Maknickas explained to us during an interview. “We have been training our algorithm using around 5 million files in order to determine whether we can spot patterns that indicate malicious files are somewhat different in the way they appear on the surface.”

In our first interview with Nord and in an previous version of our review this Threat Protection function was explained as scanning the entire device once activated — similar to an antivirus, and using the information it collects to build it with its AI algorithm. In the prior revision of the report we wrote that this feature was an extremely privacy-related request by Nord and we couldn’t endorse it without more investigation.

After the publication of this article, Nord reached out to clarify that Threat Protection doesn’t actually scan the contents of your device.

“The scanning can only be performed for files that are downloaded from the internet , while the feature is active and the ability to scan locally stored files is not available nor scheduled,” NordVPN said in an email. “Moreover we don’t look over any files that might expose any private information.”

Nord stated that every picture and document file are excluded automatically from the scan, and are not transferred to cloud storage which makes executable files the main focus on the scanning. In all cases, Nord said, only the hashes of files are examined not the actual contents of the file — that Nord cross-references against the database of known malware.

In terms of encryption the NordVPN encryption is strong and is in line with the other leading VPNs. NordVPN uses AES 256-bit encryption, with Perfect Forward Secrecy, as well as an encryption key of 4,096 bits that works with OpenVPN as well as IKEv2 connection. The company’s wireguard-based NordLynx encryption protocol also includes the double NAT feature over its WireGuard base to address WireGuard’s well-known, out-of-the-box privacy problem — capturing temporary IP addresses.

After an data breach in 2018 that affected one server in Finland The company took a number of steps to strengthen its security and upgrade to servers that use only RAM disks. In theory, Nord’s servers will not yield any results should one servers be confiscated.

NordVPN claims that it doesn’t record all the data that goes through its servers. However, VPN providers’ no-logs claims are virtually impossible to prove with absolute certainty. Yet, NordVPN has completed several third-party security and no-logs audits over the last few years. It also tells us that a brand new audit by Cure 53 that began in July will be published in October.

As with other VPNs, however the audit reports from NordVPN are only accessible to users who are registered NordVPN customers, which NordVPN claims is due to legal and contractual restrictions. You don’t have to buy an account to access the complete audit reports however, NordVPN requires you to change your email address to gain access to the reports — a decision which is more risky due to Nord’s complex ownership web.

NordVPN’s corporate structure is much more obscure and complicated than other VPN companies within the VPN market that were involved in the recently occurring wave of mergers within the industry. After NordVPN as well as Surfshark were merged during February of this year, the waters became much unclearer. NordVPN affirms that it’s subject exclusively to Panamanian jurisdiction this is a great thing for privacy reasons as Panama does not have any mandatory retention laws for data and is not part of the Five Eyes or other international intelligence rings. However, the privacy aspect is a bit hazy since Nord has its main office physically in Lithuania and also processes payments via the US and maintains legally-constituted entities within the UK and Germany, and is controlled by a holding company located within the Netherlands.

From the online records of various archives and government services, the layout appears to be as follows. A company named Tesonet -that also has an information mining company named Oxylabs and has limited control over specific activities of at least eight businesses: Datasec Holdings, Tefincom (or Tefinkom), ProtonMail (and ProtonVPN’s two applications), NordVPN, CloudVPN, Symposium Limited, Oxylabs and Oxydata.

The year 2008 was the time that NordVPN co-founder Tom Okmanas was also the co-founder of Tesonet Tesonet, and Darius Bereikais was named Tesonet’s CEO. Datasec Holdings (registered in Belize) has filed for ownership of Tesonet’s Lithuanian website, and registered an unregistered website for Tefincom which is an Panamanian company that was managed by a registration agency in Cyprus and later signed the app of NordVPN. Under the Tefincom label the Tesonet’s Datasec Holdings entity redirected Tefincom’s web site to NordVPN which later, it they registered its NordVPN trademark and identified itself as the creator of NordVPN’s iOS application.

Nord’s payment processing was managed by Tesonet’s CloudVPN which is based in Wyoming The company is currently not clear how much of the customer data regarding payments might have been subjected to US monitoring. According to the records of the Wyoming Secretary of State, Bereikais and Okmanas were directors of CloudVPN In the year 2017. But, Nord users have also in the past seen Tesonet’s names appearing on Nord statement of billing and also Symposium Limited (of New Zealand).

After the publication of this review NordVPN informed CNET that Bereikais although one of the first employees at Nord was in no way associated with Nord Security’s structure at present having no influence in the management of the business. NordVPN also confirmed that it is no longer using CloudVPN.

“CloudVPN was not a part of Nord’s organization until the end of 2020. It had no influence on the jurisdiction of operation or personal information that our clients provide us with. While it was in existence it was for a strictly technological purpose. CloudVPN offered payment collection services,” NordVPN said in an email.

More than 10 years, Bereikais has also been included in the official filings of numerous other companies associated in Nord and its parent company, Tesonet. In addition to being the director at ProtonVPN (and the company’s parent company, Cyber Alliance), Bereikais was the director of Symposium Limited and Oxydata.

After the publication of this report, ProtonVPN said to CNET that even though Bareikais was listed in the company’s filings for business in the role of director the control of ProtonVPN was always with the the parent Proton AG. Proton AG. It also said that Tesonet was the sole provider of services for ProtonVPN employees who live in Lithuania up to 2016 in accordance with local laws.

Flash forward to the year 2018. The browser proxy that has been smacked with scandal HolaVPN has taken the Tesonet’s Oxydata to the court in Texas in the United States, claiming Tesonet along with Okmanas were infringing Hola’s patent rights in their Oxydata product. Oxydata is a proxy for residential use. service. Once you have it installed on your device, it will utilize it to get around geoblocks. However, it makes use of a part of your device’s resources . It can also allow another Oxydata users appear as if they be your IP address. This could pose a significant risk if your IP is used by anyone who is visiting a criminally shady website.

The incredibly dense layer of corporate overlap is almost impossible to identify the type of user data that could be used by which governments’ organizations or by third-party companies. That’s the reason NordVPN should begin posting its transparency reports that it already has, which include the many subpoenas to user data it’s received from each country immediately. However, some people at Nord are concerned that it could cause the VPN appear unprofessional.

“We’ve received it internally but we don’t release the information at the moment. There’s a lot of discussion and two opposing views in that one is about transparency, while the other one is about what it appears on the outside.” Maknickas said.

“At time at time we also have obligations to our investors too — like that we must not appear as an unscrupulous company that gets numerous inquiries from the FBI etc.”

Transparency reports are going to become more important as Nord increases its services.

NordVPN provided more information on its corporate structure after the release of the review.

“Historically the main entity for clients that was part of this group used to be Tefincom S.A. — which was a company that was that was registered in Panama. Later, it was changed into NordVPN S.A. (keeping the location) to ensure transparency, transparency and an attempt to create a more uniform legal structure. In the course of this change we notified all our customers, and this change remains being reflected within the terms of Service,” NordVPN stated in its written.

“From the legal standpoint from a legal standpoint, only the company’s location is relevant in relation to the laws which affect the privacy of users. NordVPN is under the lawful jurisdiction of Panama and, therefore, NordVPN’s user information is processed in accordance with Panamanian laws.”

Notes on NordVPN’s kill button

NordVPN provides the kill switch for connecting via OpenVPN as well as the NordLynx protocol. We have tested the kill switch with both OpenVPN as well as NordLynx and were worried that the kill switch was not activated as we moved between servers with NordVPN’s NordVPN MacOS clients.

NordVPN offers two MacOS clients One client can be downloaded via the website , and another can be downloaded through Apple’s App Store. Sideloaded MacOS client comes with the kill switch per-app, where you can choose which applications to shut down if your VPN connection is cut off. In our test, we enabled our Chrome browser to kill however, when we went between servers while the VPN connection was broken and the Chrome web browsing experience continued to run in complete silence. It was only when the client had a timeout when we tried to connect to the seventh server that NordVPN ended the session for Chrome.

This version of the App Store client version MacOS client includes an internet kill switch that is automatic instead of an application-based kill switch. This means that the entire internet connection should be cut off immediately when your VPN connection stops working. It was apparent that our App Store version failed to shut down our internet connection when we moved from server to servereven though we had our “advanced” kill switch activated that NordVPN states is “an additional layer of security for security against extremely rare and specific IP leaks while connected to a VPN.”

We recorded the logs from these sessions to Nord to check if they had some explanation for the issue it was happening in our tests. Maknickas confirmed that the traffic does not stop when switching between servers on each version of the application. He also said that a new VPN tunnel doesn’t open when a server is switched; instead, the existing tunnel is changed. This, along with the speedy reconnection time between server switches, may cause it to be difficult for users to detect any noticeable interruptions to the user experience. Maknickas claimed that the tunnel shut down after our seventh request to swap servers due to the fact that we exceeded the limit set by NordVPN for active session of 6 performing multiple reconnections within the short amount of time.

“In-house we test the performance of the killswitch through creating the MitM [man in middle] network by connecting the device that has VPN activated to that network” Maknickas said in an email response. “We create internet traffic using the device using tools like IPerf3 and then perform VPN servers to check whether or not any packets are traversing the tunnel (and is able to confirm that they aren’t).”

It’s not clear at this time what the reason for the apparent inability to completely shut off an internet connection lies on the part of Nord or if it might be related to an issue that was recently identified that allows certain variants of iOS to continue to connect without the VPN tunnel. Nord has been aware of the issue however, and has stated that Apple’s security controls for connectivity prevent the application from completely stopping the device.

“We can’t manage the ‘killing the internet’ aspect. We can make sure that your DNS is set up correctly so that it won’t expose your IP address since your requests don’t reach the internet, but instead to a system that we have set up incorrectly” Maknickas said, adding that Nord will push users to the VPN’s app that is sideloaded as opposed to apps in the App Store.

“Over the years, we’ve come up with these solutions however, simultaneously, time the thing we’re trying to do is fundamentally build the system from the bottom from the ground up to allow us to be in charge.”

NordVPN has a wealth of features that are designed to protect you and secure your privacy online. However when we discovered some serious flaws with the service, it became apparent that the VPN isn’t perfect and has plenty of work to be done to improve its security and transparency.

Update September. 8. The previous edition of the review correctly described the contents of an interview conducted by NordVPN about the service’s Threat Protection option. This review has been updated with additional clarifications from NordVPN.

Leave A Reply

Your email address will not be published.