This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these messages)
|
Developer | Kape Technologies |
---|---|
Type | Virtual private network service |
Launch date | 2009 |
Platform(s) | |
Operating system(s) | |
Status | Active |
Website | expressvpn |
ExpressVPN is a prominent virtual private network (VPN) service designed to enhance users' online privacy and security. It provides encryption for web traffic and masks users' IP addresses to protect their personal information and browsing activities from potential surveillance and cyber threats. [1]
The service is operated by Express Technologies Ltd., [2] a company registered in the British Virgin Islands, although its headquarters are situated in Hong Kong. [3] As of September 2021, ExpressVPN is owned by Kape Technologies [4] [5] , a global cybersecurity firm and reportedly has 4 million active users. [6]
ExpressVPN was founded in 2009 by Peter Burchhardt and Dan Pomerantz, two serial entrepreneurs who were also Wharton School alumni. [7]
On January 25, 2016, ExpressVPN announced that it would soon roll out an upgraded CA certificate. [8] Later that December, they also released open source leak testing tools on GitHub. [9]
In July 2017, ExpressVPN announced in an open letter and later a public statement by Apple, that Apple had removed all VPN apps from its App Store in China, a revelation that was later picked up by The New York Times and other news outlets. [10] [11] [12] In response to questions from U.S. Senators, Apple stated it removed the VPNs due to a request from the Chinese government. [13] In December, ExpressVPN came into the spotlight in relation to the investigation of the assassination of Russian ambassador to Turkey, Andrei Karlov. Turkish investigators seized an ExpressVPN server which they say was used to delete relevant information from the assassin's Gmail and Facebook accounts. [14] [15] Turkish authorities were unable to find any logs to aid their investigation, which the company said verified its claim that it did not store user activity or connection logs, adding, "while it's unfortunate that security tools like VPNs can be abused for illicit purposes, they are critical for our safety and the preservation of our right to privacy online. ExpressVPN is fundamentally opposed to any efforts to install 'backdoors' or attempts by governments to otherwise undermine such technologies." [16]
In December 2019, ExpressVPN became a founding member of the VPN Trust Initiative, an advocacy group for online safety of consumers. [17]
In May 2020, the company released a new protocol it developed for ExpressVPN called Lightway, designed to improve connectivity speeds and reduce power consumption. [18] In October, Yale Privacy Lab founder Sean O'Brien joined the ExpressVPN Digital Security Lab to conduct original research in the areas of privacy and cybersecurity. [19]
On April 28, 2022, Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology issued a new directive that asked the VPN providers to collect and store user data for up to five years. [20] [21] In response to the new VPN rules that require private network providers to store user information, ExpressVPN announced it would move its India-based servers to Singapore and the UK. [22] On June 2, 2022, ExpressVPN officially announced that it "refuses to participate in the Indian government's attempts to limit internet freedom." [23]
In 2023, ExpressVPN launched its app for Apple TV. [24] [25]
On September 13, 2021, it was reported that ExpressVPN had been acquired by Kape Technologies, an LSE-listed digital privacy and security company. [26] [27] At the time of the acquisition, ExpressVPN reportedly had over 4 million active users. [6] ExpressVPN announced in September 2021 that it would remain a separate service from existing Kape brands. [28]
In May 2023, Kape Technologies was delisted from the LSE in a transaction by Unikmind Holdings Limited, a company owned by the Israeli and Cypriot businessman Teddy Sagi. [29]
In September 2021, ExpressVPN CIO Daniel Gericke paid a $335,000 fine for previously carrying out hacking operations on behalf of the U.A.E. government without having a valid export license from the US government. [30] [31] [32]
In February 2024, it was revealed that ExpressVPN software had contained a bug for several years that exposed the domains users were visiting. The bug was present in ExpressVPN Windows versions published between May 19, 2022, and February 7, 2024, affecting those who were using the split tunneling feature. [33]
ExpressVPN has released apps for Windows, macOS, iOS, Android, Linux, and routers. [34] The apps use a 4096-bit CA, AES-256-CBC encryption, and TLSv1.2 to secure user traffic. [35] Available VPN protocols include Lightway, OpenVPN (with TCP/UDP), SSTP, L2TP/IPSec, and PPTP. [36]
The software also features a Smart DNS feature called MediaStreamer, to add VPN capabilities to devices that do not support them, and a router app, allowing the VPN to be set up on a router, bypassing unsupported devices such as gaming consoles. [37]
ExpressVPN is incorporated in the British Virgin Islands, a country that has no data retention laws, and is a separate legal jurisdiction to the United Kingdom. [38]
ExpressVPN's parent company also develops leak testing tools, which enable users to determine if their VPN provider is leaking network traffic, DNS, or true IP addresses while connected to the VPN, such as when switching from a wireless to a wired internet connection. [39]
In December 2021, ExpressVPN modified its product to protect against Log4Shell, updating its VPN to automatically block all outgoing traffic on ports used by LDAP. [40]
In January 2022, ExpressVPN launched Parallel Connections, a backend feature which simultaneously runs multiple methods of connecting a user to a given server, automatically picking the one that connects a user first.
ExpressVPN launched Aircove, a Wi-Fi 6 router that includes a built-in VPN, in September 2022. Aircove permits speed up to 1,200 Mb/s (600 Mb/s for 2.4 GHz and 1,200 Mb/s for 5 GHz), covers areas up to 1,600 sq feet, and offers a quad-core 64-bit processor. [41] [42]
In April 2019, ExpressVPN announced that all their VPN servers ran solely on random-access memory (RAM), without the need of hard disk drives. In theory, as soon as a computer is shut down, all information on the server vanishes and cannot be recovered; the next time the server reboots, a fresh version of the VPN infrastructure is spawned. This was the first example in the VPN industry for such a server security setup, and was referred to as TrustedServer. [43]
In February 2022, ExpressVPN announced a $100,000 bug bounty for anyone who was able to hack its in-house technology, TrustedServer. [44]
As of August 2022, ExpressVPN's server network covered 94 countries. [45]
Lightway is ExpressVPN's open source VPN protocol. Launched in 2020, it is similar to the WireGuard protocol, but uses wolfSSL encryption to improve speed on embedded devices such as routers and smartphones. It does not run in the operating system's kernel, but is lightweight to support auditing. It is reportedly 2.5x as fast as OpenVPN and other older protocols, improves reliability by 40%, and supports TCP and UDP. [46] [47]
In August 2021, ExpressVPN announced the full public release of Lightway as well as full open-sourcing of Lightway's code. [47]
In 2020, ExpressVPN announced its new digital security research initiative Digital Security Lab, which investigates digital rights and security issues while educating consumers. [48]
In 2021, Digital Security Lab released a new report that examined data collection practices in apps for opioid addiction and recovery. Research found that the large majority of all these apps provided by third parties, including Facebook, Stripe, Inc., and Google, access to user data. [49] [50] In a similar 2021 study, Digital Security Lab analyzed 450 apps and found that all studied apps contained questionable location trackers. [51] Digital Security Lab also conducted a study on Generation Z’s mental health, finding that 86% of Gen Z participants perceived that social media had a direct impact on their happiness. [52]
A 2022 survey on remote workers found that 78% of employers digitally monitor their employees without staff knowledge. [53]
Virtual private network (VPN) is a network architecture for virtually extending a private network across one or multiple other networks which are either untrusted or need to be isolated.
UC Browser is a web browser developed by mobile internet company UCWeb, a subsidiary of the Alibaba Group. It was the most popular mobile browser in India, Indonesia, and Mali, as well as the second-most popular one in China as of 2017. Its world-wide browser share as of May 2022 is 0.86% overall according to StatCounter.
Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; Bastia Umbra, Italy; and Cork, Ireland.
Digital privacy is often used in contexts that promote advocacy on behalf of individual and consumer privacy rights in e-services and is typically used in opposition to the business practices of many e-marketers, businesses, and companies to collect and use such information and data. Digital privacy, a crucial aspect of modern online interactions and services, can be defined under three sub-related categories: information privacy, communication privacy, and individual privacy.
AnchorFree is an internet privacy and security company that provides businesses and consumers with advanced technologies to enable secure and private web browsing. The company's flagship product is Hotspot Shield, a popular virtual private network (VPN) service and the top-grossing app for productivity in the Apple App Store. The company is led by David Gorodyansky, who founded the firm in 2005 with his friend Eugene Malobrodsky. AnchorFree is headquartered in Redwood City, California, with offices in Ukraine and Russia. Its most recent fundraising round in 2018 brought in $295 million, bringing total funding to $358 million.
Private Internet Access (PIA) is a personal VPN service that allows users to connect to multiple locations. In 2018, former Mt. Gox CEO Mark Karpelès was named chief technology officer of PIA's parent company, London Trust Media. In November 2019, Private Internet Access was acquired by UK-based Kape Technologies.
The Calyx Institute is a New York-based 501(c)(3) research and education nonprofit organization formed to make privacy and digital security more accessible. It was founded in 2010 by Nicholas Merrill, Micah Anderson, and Kobi Snitz.
Proton Mail is a Swiss end-to-end encrypted email service founded in 2013 headquartered in Plan-les-Ouates, Switzerland. It uses client-side encryption to protect email content and user data before they are sent to Proton Mail servers, unlike other common email providers such as Gmail and Outlook.com. The service can be accessed through a webmail client, the Tor network, Windows, macOS and Linux (beta) desktop apps and iOS and Android apps.
Teddy Sagi is an Israeli billionaire businessman based in London and Dubai. Sagi is the founder of the gambling software company Playtech, cybersecurity company Kape Technologies and owner of London's Camden Market. His personal wealth is estimated at US$6.4 billion, with interests in real estate, gambling software, payments processing, and digital advertising.
Norton, formerly known as Norton by Symantec, is a brand of Gen Digital co-headquartered in Tempe, Arizona and Prague, Czech Republic. Norton originally provided utility software for DOS, and currently offers a variety of products and services related to digital security, identity protection, and online privacy and utilities.
Mullvad is a commercial VPN service based in Sweden. Launched in March 2009, Mullvad operates using the WireGuard and OpenVPN protocols. It also supports Shadowsocks as a bridge protocol for censorship circumvention. Mullvad's VPN client software is released under the GPLv3, a free and open-source software license.
NordVPN is a Lithuanian VPN service with applications for Microsoft Windows, macOS, Linux, Android, iOS, Android TV, and tvOS. Manual setup is available for wireless routers, NAS devices, and other platforms.
HMA is a VPN service founded in 2005 in the United Kingdom. It has been a subsidiary of the Czech cybersecurity company Avast since 2016.
KeepSolid VPN Unlimited is a personal virtual private network software product available for iOS, macOS, Android, Windows, and Linux.
PureVPN is a commercial VPN service owned by GZ Systems Ltd. Founded in 2007, the company is based in the British Virgin Islands.
Surfshark is a brand of VPN services offered by the Netherlands-based company Surfshark B.V.
Windscribe is a commercial, cross-platform virtual private network (VPN) service provider based in Canada.
A virtual private network (VPN) service provides a proxy server to help users bypass Internet censorship such as geo-blocking and users who want to protect their communications against data profiling or MitM attacks on hostile networks.
NordLayer, formerly known as NordVPN Teams, is a network access security service with applications for Microsoft Windows, macOS, Linux, Android and iOS. The software is marketed as a privacy and security tool running on zero trust architecture providing protection on hybrid and multi-cloud cloud environments.
Surfshark B.V. is a cybersecurity company established in 2018. It launched its first product, a Surfshark VPN in the same year. Surfshark also has various cybersecurity tools: a data leak detection system Surfshark Alert, a private search tool known Surfshark Search, and an antivirus named Surfshark Antivirus, a personal data removal service Incogni, a credential generator Alternative ID, and a Dedicated IP service.