In 2019, NordVPN became one of the founding members of the VPN Trust Initiative (VTI). VTI aims to establish an industry-wide quality standard for all VPN services and educate the public about VPNs' security benefits.
Now, we're happy to share the key best practices that VTI members have agreed to follow. It's not just about making NordVPN better — it's about improving the VPN market as a whole to make its users more secure.
The first and most important focus of the VTI is security. All members must use strong security measures and protocols to ensure the safety of our customers. But the security guidelines don’t contain specific technological requirements. Since the VPN industry is still changing, any such criteria would become outdated very quickly. However, there are security guidelines services should follow:
Users’ digital privacy is another core principle of the VTI. Members of the coalition must ensure the privacy of their users as much as possible. VPNs can achieve this through technological means and through their communication.
When it comes to technology, the first thing VPNs should provide is anonymous payment methods like cryptocurrencies or cash. Others tech solutions for concealing customers’ identities could be token or number based IDs. Tokenization replaces sensitive information, like a user's personal data, with unique, non-sensitive identification symbols.
VPN providers should make sure their users know how VPN technology works. Users should also understand what information their providers collect, the company's logging policy, and VPNs’ tech limitations.
VPNs have to be clear about the level of security they provide. For example, brands shouldn't claim that they provide complete anonymity online.
VPN service providers must be open about their practices and procedures. VTI members have to be clear about what they collect and how they use user data.
VPNs must also adhere to the data regulations of their jurisdiction. In addition, they are recommended to disclose requests for data like warrants, subpoenas, or other court orders.
VPN companies should support the security and freedom of the Internet. VTI members can do so by educating the public and supporting the freedom of expression.
VPN providers should also contribute to the advancement of the VPN industry and share their best practices with other technology providers.
We hope that these guidelines will push the industry to become more open and secure. This is not just for NordVPN users. The purpose of VTI is to hold its members to higher quality standards. No matter what VPN you decide to use, if it’s a member of the VTI, it will meet the VTI's core principles. For a detailed look at the VTI principles, visit the official VPN Trust Initiative website.
For more news about NordVPN as well as cybersecurity tips, subscribe to our monthly blog newsletter below!