Private Internet Access (PIA) is one of the most popular and trustworthy VPNs in the Internet privacy space. The VPN service was launched in 2009 and has grown steadily. Their current network consists of over 3100 servers located around the world. These are spread among 78 countries on 5 separate continents. Its parent company, London Trust Media, Inc. is headquartered in the United States which still has no mandatory data retention directives. Private Internet Access is committed to provide you with a more open, private, and secure online experience at a reasonable price. To this end, they do not log any information regarding user sessions.
PIA has developed custom VPN apps for Windows, Mac OS X, iOS, Android, and Linux. These have a very basic dashboard implementation. Because of this, you might think that they provide only a minimal VPN service at first glance. But, you would be wrong. Behind this simplistic interface, they have implemented several advanced features. We will examine these in greater detail in the hands-on portion of our review.
Pricing and Special Offers
Private Internet Access sells their VPN service as a single package that includes all of its most advanced features. It is marketed in monthly, 6 month, and 24 month terms. The two year term also includes 2 months free. As you might suspect, the price is lower when you sign up for a longer term. The 2 year subscription works out to less than 8 cents a day for unlimited access.
A huge thanks to the PIA team for offering our readers a discount on the popular VPN service. Our readers can get a month of their VPN for $11.99. You can save even more if you subscribe to 6 months of their VPN service for $45. This equates to $7.50 per month or a savings of 37%. Their best deal is the 2 year planfor $56.94. Signing up for it saves you 82% off of their regular monthly pricing. This means you can enjoy a two full years of their VPN service for just $2.19 a month.
PIA Payment Options
Private Internet Access offers several ways to pay for their VPN. First, they accept payments by major credit cards including VISA, MasterCard, American Express, Discover, and JCB. Subscriptions can also be paid for with PayPal or Amazon Payments accounts if you like to keep all of your online transactions in a central location. They also accept e-payment solutions like CashU, OK PAY, and Mint. These transactions will only require a username, password, and an email address. If greater anonymity is your goal, you can pay by using Bitcoin, Bitcoin Cash, and Zcash which claims to be the HTTPS of cryptocurrencies. They even accept gift cards like Best Buy, Home Depot, Walmart, Dicks Sporting Goods, and many others.
Risk-Free Trial Period
Like many VPNs, Private Internet Access does not have a free trial. However, they know that you will want to try out their service before committing your hard-earned money. Consequently, they offer all new subscribers a 30-day, 100% money back guarantee. This should allow you enough time to fully test their VPN network. We recommend that you test the Private Internet Access service with all of your devices, applications, and websites that you would like to use it with during this period. This will not only allow you to determine its compatibility, but also its suitability for your everyday use.
If you are not completely satisfied with their service, PIA will refund the full purchase price of your chosen plan. Refund requests must be made within 30 days of your purchase date. Requests made later than seven days will not be honored. Also, no refunds will be provided for subscriptions made using gift cards.
In order to refund your payment, you will need to provide the following information to verify your account:
- The email address you created when you first registered your account.
- The 7-digit PIA order number from your payment confirmation email.
This information is necessary for security reasons and to verify that you are making this request. So, be sure to keep your confirmation email. This is the easiest way to verify your account to ensure a speedy refund. Other refund methods may be necessary, depending on your method of payment. These can be found in their TOS.
Private Internet Access VPN Features
So, what do you get for your money? PIA VPN offers users the following benefits:
- Custom VPN apps – free custom VPN Software for Windows, Mac OS X, iOS, Android, and Linux.
- No-log VPN – absolutely nothing about users VPN sessions is logged, neither IPs or metadata are recorded.
- 10 Simultaneous connections – members can use up to ten devices on their account at a single time. Even more are possible if one of the devices is a router as all the devices connected to it are counted as one.
- VPN protocols – all users have access to the the latest protocols inblucionf WireGuard and OpenVPN.
- P2P and Torrent support – all PIA VPN servers allow P2P and torrent access. Some locations may require double hops as some countries ban P2P traffic.
- SOCKS5 proxy access – users have access to a Socks5 proxy for P2P applications to hide your IP address.
- Smart DNS – access streaming services in the US, UK, Germany, Netherlands, and Japan on Roku, Apple TV, Android TV and more with PIA’s Smart DNS feature.
- Antivirus by PIA – protect your PC with PIA antivirus which will scan and remove malware from your system.
- Advanced features – PIA users have access to DNS leak protection, IPv6 leak protection, an Internet kill switch, and even port forwarding.
- Unlimited VPN bandwidth – PIA does not throttle nor limit the download or upload bandwidth usage for their subscribers.
- Worldwide access – virtual IPs from more than 3100 servers in 78 countries
- High-speed gateways – all gateways have gigabit VPN port speeds.
- IP address sharing – IP addresses are shared among subscribers for better privacy and anonymity
- Encryption choice – users can decide the level of encryption they want to use.
- Firewall protection – subscribers are protected against malware while using the service.
- Wi-Fi hotspot protection – this ensures that you are secured against hackers and possible identity theft while enjoying your favorite beverage and surfing the Web.
In addition to these benefits, virtual relocation allows you to bypass local and institutional censorship of social media, news, and other websites. It can also save you money when using VoIP and allow access to more entertainment resources. This means you can enjoy your favorite shows, real-time sports events without blackouts, and other streaming services from wherever you are.
PIA VPN Network and Server Locations
The Private Internet Access network uses high-speed gateways (servers) with Gigabit ports and unmetered bandwidth. It currently consists of over 3100 VPN servers distributed across 78 separate countries. These servers are further divided into even more cities across five continents. They have servers in Asia, Europe, Oceania, North America, and South America.
Their network has multiple servers in every country with greater server densities in popular destinations like Australia, Canada, the Netherlands, the United Kingdom, and the United States. Additionally, the Private Internet Access network has multiple locations in countries like Australia, Canada, the United Kingdom, and the United States. This allows them to provide dynamic load balancing for their service which optimizes network performance at all times.
Here is a list of some popular PIA server locations around the world:
- Australia, Austria, Belgium, Brazil, Czech Republic, Denmark, Finland, France, Germany, Hong Kong, Hungary, India, Ireland, Israel, Italy, Japan, Luxembourg, Mexico, New Zealand, Canada, Netherlands, Norway, Poland, Romania, Singapore, South Africa, Spain, Sweden, Switzerland, Turkey, United Arab Emirates (UAE), United Kingdom, United States
Private Internet Access also allows SOCKS5 proxy connections to their Netherlands servers over port 1080 for those that require it. This is one reason for the server density there. Their network allows and even encourages VoIP, P2P, and Torrent traffic on all of their VPN servers. Additionally, port forwarding is allowed on the Toronto, Montreal, Vancouver, Netherlands, Sweden, Switzerland, France, Germany, Romania, and Israel gateways.
Private Internet Access: Privacy and Anonymity
PrivateInternetAccess.com does not collect or log any traffic or use of its Virtual Private Network (“VPN”) or Proxy.
This is further expounded on in their support area where they explain that logs are never stored to hard drives so no records of users activity exist.
PIA absolutely does not keep any logs, of any kind, period. While this does make things harder in some cases, specifically dealing with outbound mail, advanced techniques to handle abuse issues, and things of that nature, this provides a high level of security and privacy to all of our users. Logs are never written to the hard-drives of any of our machines and are specifically written to the null device, which simply acts as if the data never existed.
Due to this, we’re unable to provide information on our customers’ usage of our service under any circumstance, including subpoenas and court orders, which are extremely closely reviewed before we make any response by our experienced legal team.
We can unequivocally state that our company has not and still does not maintain metadata logs regarding when a subscriber accesses the VPN service, how long a subscriber’s use was, and what IP address a subscriber originated from. Moreover, the encryption system does not allow us to view and thus log what IP addresses a subscriber is visiting or has visited.
Private Internet Access is located in the United States. Its TOS says that it is subject to all US laws and jurisdictional procedures. They feel the US is a good place for a VPN service since they have no mandatory data retention policy, whereas some places in Europe now do. They would have to comply with all official judicial orders and hand over all the information about their users’ metadata and traffic. However, since all logs are written to a null device, essentially nowhere, they would comply with any such orders by turning over nothing as they have done in the past.
United States v Preston Alexander McWaters
In 2016, Private Internet Access showed how this works in an FBI case against a suspected stalker who called bogus bomb threats into businesses and schools. The case was United States v Preston Alexander McWaters. IP addresses of the phones used to create the accounts that sent the messages were tracked back to PIA. An excerpt of the transcript complaint follows:
All of the responses from l &1, Facebook, Twitter, and Tracfone have been traced by IP address back to a company named London Trust Media dba privateinternetaccess.com. This company is an anonymizing company whose purpose is to allow users of the internet to mask their original IP address where they are sending messages from.
A subpoena was sent to London Trust Media and the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States.
Since Private Internet Access allows these anonymous styles of payment, they were not able to even show that the defendant had even purchased an account there. However, the FBI was ultimately able to get this information from another VPN service. The FBI was able to use other means to put together a case against this defendant. You can read the complaint for yourself for more information.
Private Internet Access and your Anonymity
In addition to their no log policy, Private Internet Access also lets you subscribe using anonymous sources. These include cryptocurrencies like Bitcoin, Bitcoin Cash, and even Zcash which claims to have completely anonymous encrypted transactions. They even accept some gift cards like Amazon, Bed Bath & Beyond, Cosco, and many others which can increase your anonymity even more.
Additionally, PIA uses shared IP addressing to keep your privacy and help increase your anonymity. Their apps include advanced features like DNS, IPv4, and IPv6 leak protection to help maintain these. The ability to use a proxy and to kill your Internet connection if the service drops shows their commitment to keeping your privacy and continued anonymity.
To conclude, Private Internet Access is based in the United States which has no data retention policy. It does not log any traffic or metadata about their VPN or proxy users sessions. They allow anonymous payments for subscriptions. All information that they do collect from interaction with their website and staff is only used internally.
Their service has extra features to help protect and maintain your privacy and increase your anonymity. Their policies have been tried and tested by the United States legal system and were shown to have kept the individual’s privacy and anonymity in tack.
Private Internet Access and your Online Security
How secure are you and your online traffic while using PIA VPN service?
Private Internet Access uses the open source, industry standard OpenVPN to provide you with a secure VPN tunnel as a default on their Windows, Mac OS X, and Android software applications. This is widely believed to be the best VPN protocol in terms of speed and security. They use the built-in IPsec protocol to secure iOS devices like the iPad and iPhone which is also considered secure but perhaps a bit slower than OpenVPN.
RSA- 2048 Handshake
Recall that this phase establishes the initial VPN tunnel through which your encrypted data passes and verifies that you are really talking to an authorized server and not an imposter. Private Internet Access uses TLSv1.2 for server authentication and control to establish this connection. By default, RSA-2048 is utilized for this process.
This means that they use a 2048 bit certificate for verification of all negotiated keys. All certificates are signed using SHA512. Ephemeral Diffie-Hellman (DHE) keys are then negotiated and transferred across the secure tunnel. This ensures forward secrecy for the encrypted traffic. These keys are randomly generated and used for a predetermined length of time before being completely destroyed. New keys are then generated. This ensures that if a future key is compromised, it can only be used to decrypt a small traffic window and nothing before that.
Encrypting your data guards you against passive attacks like eavesdroppers where someone records your traffic without attempting to modify it. Private Internet Access uses a symmetric cipher algorithm to encrypt and decrypt all of your data. This cipher is used with an ephemeral secret key generated and shared between you and the server. As previously stated, this secret key is exchanged during the handshake encryption phase. The default algorithm used by PIA is Advanced Encryption Standard (AES) with 128-bit key length using Cipher Block Chaining mode. This is usually written as AES-128-CBC. This algorithm is considered secure and fast.
To protect against active attacks like Man in the Middle( MitM) attacks, you should authenticate the data traffic to verify that no one has tampered with it. By default Private Internet Access uses SHA1 to do this.
The PIA network implementation uses TLSv1.2 with RSA-2048 for server authentication and control to establish the initial VPN tunnel. It employs forward secrecy, some of the best VPN protocols, and robust encryption algorithms to secure your traffic. Additionally, their VPN servers have firewalls to protect you against malicious software. This means you can enjoy peace of mind knowing that all of your Internet traffic is securely encrypted and transferred over secure connections when using a PIA VPN server.
Customer and Technical Support
PIA provides 24/7 live chat support along with email to help solve any problems you may have getting started or along the way. We recommend using the live chat support. PIA is one of only a few VPNs to offer live support 24/7 so you can take advantage of it anytime. If you prefer the ticketing system it’s there for you as well.
You must first choose which department your ticket concerns before filling it out and sending it. Your choices include general, account support, payments, and technical support. Once you have chosen the department and pressed the “Next” button, you will then be directed to another page to create and send the ticket. Here is the sample technical support template page.
All templates have required fields like “name”, “e-mail address”, “subject”, and “message”. They also have fields related to the department they are directed towards. Once you have finished filling out the appropriate fields, click submit to send your support request.
Private Internet Access has a large support FAQ and database to help answer many of your questions. It also has guides for manually installing the service on a number of devices. PIA has a presence on Facebook, Twitter, and YouTube which could help you with some problems.
Hands on: Private Internet Access
PIA has custom software for Windows, Mac OS X, iOS, Android, and Linux that can make it easy for you to connect to their service. These applications use the OpenVPN protocol for all but iOS. The iOS app uses IPsec for security. The minimum requirements are as follows:
- Windows – requires Windows 7 or newer.
- Mac OS X – needs macOS 10.8 or later.
- Linux – uses Ubuntu 12.04 or newer.
- iOS – requires iOS 8.0 and above.
- Android – needs Android 4.0.4 or later
PIA also have a Chrome extension that works with version 48 or later.
Downloading the PIA VPN Software
You can download the installation software for your device from the Private Internet Access website. Click on “Downloads and support” in the main menu. This will open a page where you can download the appropriate software for your device.
Clicking on the Windows, Mac OS X, and Linux links will transfer the installation software to your respective machine. The links for iOS, Android, and the Chrome extension will open the respective stores. Once there you can then complete the installation process for these applications.
Private Internet Access Windows Client
Installing the Windows Client
Once you have downloaded the client to your computer, you will need to run it as an administrator. This is required for some of it to function properly. The install is simple as you will only see a command window during this process.
Afterwards, you can open the software. When the software opens, you will need to enter your credentials to open it for the first time. Enter the username and password that you received in your welcoming email to finish opening the client.
You can also set the startup options from this screen. Enabling the startup toggles and choosing a location to connect to will ensure that you are connected to your favorite location whenever you open Windows.
- Start application at login – launches the client when you load Windows.
- Auto-connect on launch – auto-connects to your chosen location when the client starts up.
- Region – allows you to choose a country you want to auto-connect to when the app starts. If set to auto, it connects you to the fastest server from your current location based on the ping response.
- Language – lets you set the language you want to view within the client.
- Advanced settings – opens the advanced settings for your Private Internet Access connection.
PIA VPN Client Advanced Settings
Clicking on the “Advanced settings” toggle opens the software’s advanced setup screen. This screen allows you to control the apps connection and encryption settings.
These settings can be used to control how the connection is setup. The connection settings are as follows:
- Connection type – the only protocol supported by the Windows client is OpenVPN. Their are two types of OpenVPN protocol connections.
- UDP – is the User Datagram Protocol. It does not do any error checking so it is faster than TCP. This is the default protocol for the client and the best one for most users. It is used with low latency connections and loss tolerating ones like streaming media.
- TCP – is the Transfer Control Protocol and is good for long distance connections and those which cannot tolerate loss. It provides error checking for packet order and loss. It then resends packets to correct errors. Consequently it is slower because of the extra overhead involved in this error correction process.
- Remote Port – lets you choose the remote port to tunnel data through.
- Auto – lets the software decide for you.
- Port 1194 – is the standard OpenVPN port for both UDP and TCP.
- Port 8080 – an alternative port to Port 80 for HTTP web services. It is commonly used as a proxy port.
- Port 9201 – is the port used for WAP (Wireless Application Protocol) services on mobile devices.
- Port 53 – is commonly used DNS port.
- Local port – setting this allows you to choose a local port to route through the remote port.
- Request port forwarding – turning this on allows you to set up an application which allows remote users to connect to it. The remote users must know the device name and port to successfully connect to it.
- Port forwarding can only be used through the following gateways: CA Toronto, CA North York, Netherlands, Sweden, Switzerland, France, Germany, Russia, Romania, and Israel. After enabling port forwarding and re-connecting, you can hover the mouse over the system tray icon to see the port number to put in your application.
- PIA MACE – blocks ads, trackers, and other malware using the publicly available http://pgl.yoyo.org/adservers/ block list. If your browser requests the IP address of a site on this list, the Private Internet Access DNS will point it back to your local machine. This effectively blocks all such requests.
- VPN kill switch – once set, this will kill all Internet traffic from the device if your VPN connection is interrupted. The app will restore your Internet access once the VPN connection is re-established. Disabling this switch or exiting the VPN client will also restore normal Internet access.
- DNS leak protection – ensures that all DNS request are routed through the VPN network. This will provide you with the greatest level of privacy.
- IPv6 leak protection – toggling this disables a IPv6 request while using the PIA service.
- Small packets – transfers the data in smaller packets which can fix some network issues.
- Enable debug mode – allows support staff to track connection issues.
The links shown under some settings will open guides on the Private Internet Access website which contain more detailed information about that particular setting.
The second category that you can control for the software is the settings that are used for encrypting all of your Internet traffic. These settings include the following:
- Data Encryption – This is the encryption strength used to encrypt and decrypt all of your traffic. It is negotiated and transferred after the initial tunnel is created between the VPN server and your computer.
- AES-128 – is the default and provides the best balance of speed and security. It uses Advanced Encryption Standard (AES). It is the National Institute of Standards and Technology (NIST) contest winning protocol and is used by the United States government for secret documents. Cipher Block Chaining with a 128 bit key will provide the best performance for most uses.
- AES-256 – uses the same encryption algorithm as above. AES-256 CBC uses a 256 bit key. Therefore, it is more secure but also slower.
- None – This will hide your IP and help you bypass geo-restrictions. It does not encrypt your data and is not recommended. You will be susceptible to passive attacks if you use this setting. Third-parties could intercept your Internet traffic.
- Data Authentication – This refers to the algorithm that verifies all of your data to guard against active attacks. An active attack occurs when a third-party modifies your data in transit.
- SHA1 – uses HMAC (Key-Hash Message Authentication Code) with a 160 bit key.
- SHA256 – utilizes HMAC with a 256 bit key and is thus slower. You should use this as your default.
- None – opens you up for active or Man-in-the-Middle (MitM) attacks.
- Handshake – This is the algorithm which establishes the initial secure connection and verifies that you are talking to a PIA Server and not an imposter. Hence the name handshake. Private Internet Access uses Transport Secure Layer v1.2 (TSL 1.2) for this connection and signs all certificates with SHA512.
- RSA-2048 – is the software default and best for most users. It uses a 2048 bit Ephemeral Diffie-Hellman (DH) key exchange and 2048-bit RSA certificate for verification.
- RSA-3072 – uses the same algorithm as above with 3072 bit for both key exchange and RSA certificate.
- RSA-4096 – utilizes the same algorithm as above with 4096 bit for both key exchange and RSA certificate.
- ECC-256k1 – employs a Ephemeral Elliptic Curve DH key exchange and an Elliptic Curve Digital Signature Algorithm (ECDSA) certificate for verification. It uses Curve secp256k1 (256bit) for its transactions. This is the curve that Bitcoin uses and is employed for both the key exchange and the certificate.
- ECC-256r1 – is also an EEC algorithm. It uses curve prime256v1 (also 256-bit and known as secp256r1) for both the key exchange and certificate verification.
- ECC-521 – is ECC like above, but employs curve secp521r1 (521 bit) for both the key exchange and certificate verification.
The PIA Windows client defaults to AES-128/SHA1/RSA-2048 encryption. This will give you the best balance of speed and security. Note, the software will warn you if you select “none” for data encryption, data authentication, or one of the ECC handshake algorithms as these could provide security issues. Clicking on the “default settings” link will open the VPN encryption page on their website where you will find more information.
This information is summarized here. It shows some endpoint encryption settings along with some comments about them.
- Default recommended setting – AES-128/SHA1/RSA-2048: It provides the best balance of speed and security.
- Maximum protection – AES-256/SHA256/RSA-4096: This is for those who want the maximum security for their data. Be aware that this will slow your Internet connection speed.
- Risky business – AES-128/None/RSA-2048: This configuration is susceptible to active MitM attacks.
- All Speed but no security – None/None/ECC-256k1: This is susceptible to both active and passive attacks from outside third parties (hackers). Essentially, you are using the VPN service as a proxy.
Using the Private Internet Access Windows Software
Once opened the client will minimize to the system tray. You can control it from there. There are three different colored icons for the software that indicate its state, red, yellow, and green. Each has an associated notification (left). You will see these notifications as you connect and disconnect from the VPN. Hovering the mouse over an icon will also display a small connection status message. Red indicates that you are not connected to a VPN server and your Internet traffic is not secure.
Yellow shows that you are connecting to the service but still not secured.
Green means that you are connected to the Private Internet Access service and that all of your Internet data is secured. The hover message displays the location and virtual IP for the connection. If you are using a port forwarding server, it will also show the port to use with your application.
Connecting and Disconnecting
Right-clicking on the disconnected icon in the system tray will open the list of servers that you can connect to. Select more to see the complete list. Selecting “Connect” will connect you to the last server that you successfully connected to. This makes it easy to reconnect to a server. Choosing “Connect auto” will connect you to a VPN server at the fastest ping location from where you currently are.
If you want to have a specific virtual location, simply click on it. You will see a connecting notification. When the process is complete and your Internet traffic is secured, you will see a connected message. Then the client will re-minimize. To disconnect from the network, right click on the connected icon in the system tray and select “Disconnect”.
It is as easy as that. Clicking on “Settings” will open the screen to allow you to change them as we showed previously in our review. Clicking on “Send slow speed complaint” or “Report blocked website” will display and send messages to the support staff. Selecting “Help” will open their support page where you can then make a support ticket or look at their FAQ. Finally clicking on “Exit” will close the Windows client.
The PIA client does not have a fancy interface. However, it does offer some of the most advanced features that VPNs have today. These include a kill switch, DNS leak protection, disabling IPv6 Internet traffic, and small packet transfer. This makes it appealing to those users who have more technical needs or knowledge. At the same time it has a simple interface which uses default settings. This is probably best for most users. All that is necessary to connect to one of their VPN servers is to select its location from the list that appears when you right click on the client icon in the system tray area. When the icon turns green, you are safely connected. If it is red or yellow, you are not. Hovering your mouse over the icon will show information about your connection. It is as easy as that.
Private Internet Access Android App
Installing and Logging Into the Android App
The installation process for the Android app begins by tapping on the “Get app” button on the Private Internet Access website. This will open the installation screen for the app on the Google Play store. Tap the “Install” button to transfer the app to your Android device and then tap on the “Open” button to run it for the first time.
If you have not yet created an account, you can enter your email address and click on a plan to make one. Tapping on the question (?) in the upper right-hand corner will open the support page on the Private Internet website where you can submit a request or peruse their FAQ, guides, or other solved issues.
When you are ready, you will need to enter in the authentication credentials for your account. These are the “Username” (p1234567 number) and “Password” that you received in your welcoming email after you created your Private Internet Access account. Enter these and tap the “Log in” button to finish opening the app.
Before we look at the app in action, let us first look at how to modify its behavior by examining the settings that control it. These can be accessed by tapping on the gear icon in the upper right-hand of the main dashboard.
Private Internet Access Android App Setup
This displays not only the settings that modify the app behavior but also information about your account and the app. It is divided into a number of different categories. These include account details, connection settings, encryption setup, auto-start behavior, split tunnel setup, interface design, and application information. More detailed information on the connection and encryption settings can be found in the Windows section of our review.
The first of these categories is account details. This shows your account username and subscription information. Tapping on the username will open a screen that will let you change your email address or password for your account. You can also log out of the app from here but be aware you will have to reenter your login credentials if you do.
The second category is the connection settings which include the following:
- PIA MACE – will allow you to block ads, trackers and other malware from reaching your Android device.
- Block local network – lets you block LAN traffic if connected to the PIA VPN service. This can keep others on the network from connecting to your Android device.
- Use TCP – allows you to use OpenVPN TCP instead of the default UDP if you need to.
- Remote port – defaults to auto which allows the software to choose the port. You can also select among the following ports: 1194, 8080, 9201, and 53.
- Internet kill switch – kills your Internet connection if the VPN is accidentally dropped until you reconnect to it.
- Request port forwarding – will let external sources connect to your Android device.
- Use small packets – will help improve compatibility between your Android device and some routers or mobile networks.
The next category is encryption setup which includes the following:
- Data encryption – uses AES-128 algorithm by default but you can also choose AES-256 for greater security.
- Data authentication – uses SHA1 by default but we recommend SHA256. Never use none.
- Handshake – employs TLS 1.2 with a RSA-2048 algorithm by default with DH forward secrecy. The other options are described in the Windows section of our review.
The Auto-start category has two settings: 1-click connect and connect on boot. Setting these ensures that your Android device is always protected. It will also let you connect to your last server location with a single tap of the Private Internet Access icon.
The application settings will allow you to set up “Split Tunneling” for your Android apps. By default, all apps are channeled through the VPN tunnel. You can use the “Disable access for all apps” button if you just want a few chosen apps to be tunneled. This can help save money on metered networks. Just tap the open lock beside those you want to channel. Else you can choose those apps you do not want to channel by tapping on the closed lock beside them. Selecting the dark theme will change the interface to a dark background with light writing.
Connecting to the Private Internet Access Service
Now that we have examined how to change the app behavior, let us take a look at it in action. Simply slide the connection toggle right to make your first connection to the Private Internet Access network. You will first have to allow PIA VPN access to use your device. It will then connect you to the fastest server by pinging servers close to your current location. In our case, it connected us to an Atlanta VPN server. Tapping on the current region shows us that we are indeed connected to the US Atlanta location. To disconnect from the network, simply slide the toggle left.
To change servers, tap on the currently connected location, and then choose another one as we have done for the UK London location below.
You can even change servers without disconnecting from your current server. Just open the region list and tap on a new location. This is illustrated by changing from the London VPN server to one in Melbourne. Simply slide the switch to disconnect from the PIA network.
The Android interface is easy on the eyes and simple to use. It takes just a couple of taps to connect you to any location in the Private Internet Access network. You can set the startup options so that only a single tap of the icon connects you to the location that you were last connected to. The app also includes advanced features like a kill switch, port forwarding, and split tunneling.
Private Internet Access Client for Mac OS X
Mac users will find a very similar user interface for PIA. You don’t need any past experience with VPN to use the app. It looks similar to the open-source OpenVPN client. As you can see above, the client displays a list of server location. You can simply click on any location to connect. That’s all there is to using the app. Like it’s Windows counterpart, there are several options that can be set to enhance your privacy. Our guide will walk you through the details but we’ll take a quick look at some of the top features.
The PIA mac client uses the OpenVPN protocol. You can choose between UDP and TCP. We recommend UDP for faster speeds. You can also set a remote port to tunnel traffic through. As strong privacy proponents, the PIA team has several features to secure your connection and protect you in case it ever fails. Mac users can set the VPN kill switch to stop communication until the VPN reconnects. You can set port forwarding through a few select gateways. The app also has IPv6 leak protection and the ability to use small packets which can help you get around some network or firewall issues.
Private Internet Access iOS APP for iPhone and iPad
This is an area where PIA falls behind in terms of features. The iOS app will leave iPhone and iPad users without the advanced features offered in their Android app. However, the iOS app has a nice user interface and is easy to use. You can select any server location and quickly see the connection status. Simply slide the on / off toggle to use their network. The Private Internet Access iOS app uses the built-in IPsec protocol for security.
Private Internet Access Speed Test
We were quite pleased with the overall performance of the PIA network. You can see from the speed test below that their service performed very well. As expected, there was a small speed loss while connected to one of their VPN servers. This is due to the extra overhead incurred by encrypting all of your VPN traffic. However, this loss was more than acceptable in the case of Private Internet Access.
As you can see from the images above, the encrypted connection lowered our base ISP download speed from 459.92 Mb/s to 402.57 Mb/s. This is a drop of about 12% to a server in Atlanta, GA which is acceptable and among the top results we have tested. This minimal loss in connection speed is well worth the security and peace of mind offered by connecting to the PIA netowork.
Private Internet Access has been in the VPN business since 2009. Their network consists over 3100 servers spread across 78 different countries. They have multiple servers in popular countries like the US, UK, Canada, and The Netherlands. They do not log any information about their members while using their VPN or proxy services. Everyone is on the honor system according to their TOS.
Despite their parent company name, London Trust Media, Inc., they are based in the United States. They are VoIP and P2P friendly. All of PIA’s servers support torrents but some may require a double hop. They have proven that they will comply with requests made by authorized state or judicial authorities for user activity information. Specifically, they complied by turning over “nothing” in a 2016 FBI case. They replied to the request by stating that they do not log their subscribers activities while using their VPN servers or proxies. This includes any metadata.
PIA offers custom software apps for Windows, Mac OS X, Linux, Android, and iOS. These apps are easy to install and allow their users to connect to VPN servers in the Private Internet Access network with just a few clicks of the mouse or taps on the screen. Their Windows, Mac OS X, and Android apps include some of the more advanced features available for VPNs including DNS leak protection (Windows only), kill switches, port forwarding, a variety of remote ports, IPv6 leak protection, and split tunneling for Android devices.
All of their apps provide some of the best encryption available in the industry in AES-128 and AES-256. All but their iOS app default to OpenVPN because of its speed, the security it offers, and its overall reliability. The iOS app is secured using the built-in IPsec protocol.
PIA provides excellent tutorials and visual setup guides to manually connect to their service using Windows, Mac OS X, Android, iOS, Windows Phone, Ubuntu, and DD-WRT or Tomato routers. Their support begins with an extensive FAQ database and extends to a 24/7/365 email ticketing system. They also maintain a social media presence on various sites like Facebook and Twitter.
The Private Internet Access network includes servers in five continents – Europe, North America, Central and South America, Asia, and Oceania. The servers on their network have gigabit ports. They provide a 30-day money back guarantee. This will allow you plenty of time to test their service to see if it meets your needs. Try them out for yourself and see what you think. If you like their VPN service, they are offering an extra discount to our readers. You can sign up for unlimited access from just $2.19 a month.