Privacy has gone mainstream in the last few years. And VPN use is a staple for privacy-minded individuals. There are many different providers to choose from today. And the commercial VPN market is getting very competitive.
But choosing the right provider is critical. Sign-up to the wrong service and you could end up in a worse situation than without a VPN.
I’ve researched most players in the commercial VPN space. And in this article, I’ll provide you with my review of Surfshark to see if I can recommend them, in good faith.
Short on time?
Here's what matters most.
|User Friendliness Score||9|
|Price per month (cheapest)||$1.99|
|Allows torrenting / P2P||Yes|
|Refund Period||30 Days|
|Desktop Operating Software||Windows, MacOS, Linux|
|Mobile Apps||iOS, Android|
|VPN Protocols||IKEv2, OpenVPN, WireGuard, Shadowsocks|
|DNS Leak Protection||Yes|
|Logging Policy||No-logging Policy|
|Jurisdiction||British Virgin Islands|
|Out of 14 eyes||Yes|
|Sign-up Information Required||Only Valid Email|
|Avg. Ping NY||22.33 ms|
|Avg. Download NY||Over a 60 Mbps Network (Download): 54.84 Mbps|
|Avg. Upload NY||Over a 30 Mbps Network (Upload): 24.10 Mbps|
Surfshark is a relatively new player in the commercial VPN market. But they have already begun to make waves. They offer many robust security and privacy features.
And they are one of the best providers for bypassing geo-restrictions and VPN bans (we’re looking at you, Netflix).
Surfshark is a VPN provider based in the British Virgin Islands, which was founded in 2018. They claim to be uncompromising in terms of privacy and security, while still offering a host of convenience features, such as background P2P routing (more on that later). Since 2018, they have grown massively and their network now includes over 1700 servers in more than 63 countries. I wish I could tell you more about the company and its origins, but Surfshark is rather opaque about that - which will cost them a few points in this review…
- Industry-Standard Encryption
- Native Applications
- Strict No-Logging Policy
- Ads & Tracker Blocker
- VPN Kill Switch
- Passed Security Audit in 2018
- Not a lot of information available about the company
- Cannot choose your ciphers/level of encryption
What You Should Consider When Buying a VPN Subscription?
The two most obvious things to look for is the VPN provider’s stance on user privacy and security.
Typical VPN users turn to VPNs to enhance their privacy and their security online. Some may even be looking for full-on anonymity, such as dissidents in authoritarian countries, for example.
But whatever the case, the most important thing to look out for is the provider’s logging policy.
A VPN provider that keeps logs or that does not disclose its logging policy does not deserve your trust. The logging policy is the most crucial element when considering a subscription.
Another element that impacts a VPN’s privacy, and which may not seem obvious at first glance, is the accepted payment methods. Specifically, do they accept cash and/or bitcoin, for anonymous payments?
The importance of this cannot be overstated when it comes to VPNs. Because following the money trail is a critical step in identifying you and could be life-threatening in certain counties, under certain regimes.Get Surfshark and save 83%!
Surfshark Features Review
We will be taking an in-depth look at Surfshark’s offering. The review will be broken down into four main categories, which each contain multiple sub-points.
The main categories are Security, Anonymity, Features, and Policies. Let’s get to it.
Let’s start with the most obvious: security. Online security is arguably one of the main reasons people subscribe to a VPN service. How does Surfshark score in terms of security?
Supported VPN Protocols
Surfshark only supports two VPN protocols: IKEv2/IPSec and OpenVPN. This may not seem like a lot. But this is a feature, not a bug.
IKEv2 and OpenVPN are the two most secure protocols available today. These protocols have been around for a long while and their security has been demonstrated.
We’re glad to see that Surfshark is further protecting their users by not making insecure and obsolete VPN protocols available.
Encryption Level & Supported Ciphers
Whether you use IKEv2 (the default) or OpenVPN with Surfshark, the cipher used is AES-GCM, with 256-bit keys. This is industry-standard encryption.
AES256 is used by banks, governments, and the military. It is an established cipher, with no known vulnerabilities.
This is all very secure. The only downside is that you cannot select your ciphers or encryption levels using Surfshark’s native apps.
DNS Leak Protection
If you use a VPN, you should be concerned with DNS leaks.
A DNS leak causes your DNS requests to continue to be forwarded to your ISP’s DNS servers, despite being connected to a VPN. This means that your ISP can still track your activities, even if you’re using a VPN.
Surfshark run their no-logging DNS servers inside the tunnel. And they automatically configure their client apps to use the internal DNS servers, protecting you from DNS leaks.
The DNS servers being within the VPN tunnel also means that your DNS traffic benefits from the tunnel’s encryption.
I tested Surfshark for DNS leaks, using ipleak.net. And the results are good. The IP addresses of my ISP’s DNS servers are not listed.
Your DNS requests are safe over the Surfshark network.
VPN Kill Switch
Network volatility being what it is, when you’re connected to a VPN, occasionally the connection can drop.
Normally, this shouldn’t happen, but it occasionally does. And what happens then? Your traffic continues to flow. But it will go out unencrypted and will use your ISP’s gateway and DNS servers.
And if this happens while your computer is unattended, the traffic could leak for hours before you realize what happened.
All of Surfshark’s apps all include a VPN Kill Switch. The Kill Switch automatically blocks all Internet traffic if the connection to the VPN server is lost.
So you can rest assured that your traffic will not leak as long as the Surfshark app is running.Get Surfshark and save 83%!
In Which Jurisdiction is the VPN Provider Based?
Jurisdiction can impact a VPN provider’s security. I’ve stated this before and I’ll state it again: the logging policy is much more important than jurisdiction, in my opinion.
But jurisdiction can also be important, especially for dissidents in authoritarian countries.
If you recognize yourself in that description, you should probably avoid a VPN provider based in one of the 14 Eyes nations. This could mitigate the possibility of your data ending up in the hands of governments.
But be sure to still choose a provider that adheres to a strict no-logging policy.
Now, Surfshark is based in the British Virgin Islands. And we know that the U.K. is a prime member of the 5, 9 & 14 Eyes alliances. The British Virgin Islands have legal and political independence from the U.K.
But some feel it’s not as clear in reality as it is on paper.
I can’t settle that point here. But as long as I’m not a political dissident in an authoritarian country, Surfshark’s jurisdiction does not make me feel insecure, thanks to their strong no-logging policy.
For more information on the dynamics between VPN providers, jurisdiction, and Intelligence sharing, take a look at our 5, 9 & 14 Eyes: What Does It All Mean For VPN Users? article.
Do They Have a Warrant Canary?
In certain jurisdictions, such as the United States, law enforcement can serve secret warrants to ISPs, VPN providers, and other organizations.
These warrants compel companies to turn over user data to law enforcement to pursue an investigation.
They are also regularly bundled with a gag order. A gag order prevents the company who was served the warrant from notifying the targets of the warrants that their data has been compromised.
A warrant canary is designed to somewhat circumvent the gag order. A warrant canary is a frequently published statement that confirms that a service provider has not received a secret warrant and gag order.
The idea behind the warrant canary is that if the provider ever does receive such a warrant, the warrant canary is taken down.
It won’t specifically inform the targets of the warrant that their data has been compromised. But it will inform the community of users that these events have occurred so that they can take appropriate action.
Surfshark regularly publishes a warrant canary. It bolsters their commitment to user privacy and security. We like that
Do They Own or Rent Their Infrastructure?
In the VPN space, some providers choose to own and control all of their infrastructure. Others choose to rent their servers from data centers. Others still choose to do both.
Owning your infrastructure has the benefit of not having to trust third-parties in the operation of the network.
While renting their infrastructure can enable them to more easily have a large number of servers on offer, distributed across a large number of countries. But it also introduces the risk of tampering by third-parties.
Surfshark’s website highlights the fact that they have over 1700 servers in over 63 countries. But they are rather opaque regarding infrastructure ownership.
We did find a support document discussing physical vs virtual servers. A virtual server is a VPN server with an IP address from one country (virtual location), but which is physically located in another (physical location).
The support document states that all of their servers are physical, even if they may offer virtual remote locations form those physical servers. But not a word on ownership – which probably means they don’t own their infrastructure.
Still, let’s give them the benefit of the doubt.
Turning to TorrentFreak’s annual Which VPN Services Keep You Anonymous? roundup, we were able to find the following:
“[Q:] Are any of your VPN servers hosted by third parties? If so, what measures do you take to prevent those partners from snooping on any inbound and/or outbound traffic? Do you use your own DNS servers?"
With 1700 servers, that would have been my guess. But this is not mentioned anywhere on their website – it should be.
Have They Ever Been Hacked?
Reputation is as critical as infrastructure to a VPN provider. As such, when looking to purchase a VPN subscription, knowing whether or not a provider has been hacked is important.
And I’m happy to report that Surfshark has never been hacked.
They’re a young company, so we’ll see if they uphold that track record through time. But the fact they’ve never been hacked is clearly a good thing.
Not only that, but in 2018, Surfshark commissioned Cure53, a Germany security auditing firm, to audit Surfshark’s Firefox and Chrome browser extensions. The results, revealed in November 2018 were extremely positive.
This audit may be limited in scope. And we would have liked Surfshark’s apps and infrastructure to be audited as well, but this is, again, good. Hopefully, they will do this in the future.
What Information Is Collected at Signup?
It would be hard to ask Surfshark for a more straightforward sign-up process. They simply require you to choose a package, a payment method, and to supply a valid email address.
Nothing more is collected. No nonsense. We like that.
Accepted Payment Methods
From an anonymity perspective, a VPN provider’s accepted payment methods are very important. If you’re using a VPN primarily for anonymity, your payment trail could compromise your anonymity.
A good VPN provider accepts anonymous payments: cash or cryptocurrencies.
Surfshark accepts many payment methods, such as credit cards and PayPal, as well as several cryptocurrencies, like Bitcoin. They do not offer cash payments, however.
For anonymous payments, you will need to use cryptocurrency.
Using Bitcoin anonymously is easier said than done, however, though it is doable. Just be prepared to set some time aside to achieve this. Here’s a good guide on how to make anonymous payments with Bitcoin.
Surfshark does not host dedicated servers that route your traffic through the Tor network.
They do, however, have a support document detailing how to use the Tor Browser while connected to Surfshark. But this is of limited use for two reasons:
- The way to use the Tor Browser does not change when you are connected to a VPN
- The Tor Browser will only route your browser traffic through the Tor network. Whereas a dedicated Tor over VPN server would route all of your device’s traffic.
For more information about Tor, visit their website.
Cost / Packages
Surfshark is generally more expensive than the competition when it comes to their monthly and yearly subscriptions. But, insofar as you tend to get what you pay for, I do not consider this a bad thing.
Their 2-year subscription, however, is much cheaper than most, chiming in at 1.99 USD per month
All of Surfshark’s subscriptions include the same features. And they give you the option to add two extra services (bundled together) for an extra 1 USD per month. These are HackLock and BlindSearch (see below).
Surfshark offer three subscription terms that vary in price:
- 11.95 USD for one month of service
- 71.88 USD for one year of service (works out to 5.99 USD per month)
- 47.76 USD for two years of service (works out to 1.99 USD per month)
They do not offer a free trial period. However, all subscriptions are backed by a 30-day money-back guarantee.Get Surfshark and save 83%!
HackLock & BlindSearch
As we just mentioned, for an extra 1 USD per month, you can add these two services to your Surfshark subscription.
HackLock scans compromised databases for your email addresses & passwords and alerts you if any of your credentials have leaked.
BlindSearch is Surfshark’s proxied Bing search. From Surfshark’s native apps, you can access search the Web with BlindSearch.
When you perform a search, your search terms are proxied over BlindSearch. BlindSearch then gets the results for your search and pushes them back to you.
Bing does not get the opportunity to funnel any of your data as you never interact directly with them.
Number of Devices That Can Connect Simultaneously?
Surfshark imposes no limit on the number of devices that can connect to the network simultaneously. Most providers cap this at 3 or 5. With Surfshark, you can connect unlimited devices.
This is very generous on their part. Excellent.
I have not properly tested Surfshark’s speed. I’ve used their service and did not notice any slowdowns or lag while connected to their servers. But because I haven’t done a formal speed test, I cannot directly speak to that point here.
Instead, I turned to a trusted publication (Cnet) and can report that, based on their tests, the speed drop is on average about 27%. It may seem like a fairly high number. But it is not.
Using a VPN invariably adds overhead to your connection. And a 27% speed drop is less than most. This is more than acceptable. And it’s an average. So you can expect less of a drop on certain servers – don’t forget that!
The Number of VPN Servers Available?
Surfshark operate over 1700 servers in over 63 countries. Your favorite location has a good chance to be on the list.
Remember that these servers are rented from large data centers, opening the door to third-party access.
Do They Support Multiple Server Hops?
Surfshark supports multiple server hops with their MultiHop a feature. Using MultiHop, you can bounce your traffic over two different VPN servers. This makes you harder to track.
The second server hop adds a second layer of security and anonymity to your traffic.
Surfshark supports all major operating systems for computers, tablets, consoles, smart TVs, and smartphones. For the complete list and setup instructions, visit Surfshark’s website.
They also support many NAS devices and routers. Instructions for these can be found in the Support section of their website. This is very good coverage.
Surfshark provides native applications for the following platforms:
- Apple TV
- Fire TV
- Chrome (Browser Extension)
- Firefox (Browser Extension)
Again, very complete coverage.
Block Ads & Trackers?
Surfshark, like many VPN providers, includes a blocker for ads & trackers, called CleanWeb. CleanWeb blocks ads and trackers by performing DNS blacklisting.
Surfshark’s DNS servers run inside the VPN tunnel, keeping your DNS requests secure and private.
With CleanWeb enabled, your DNS requests are referenced against a blacklist, and any offending traffic (ads & trackers) is stripped out before reaching your browser.
I strongly recommend enabling CleanWeb and only disabling it if you are having trouble accessing certain sites.
Torrenting / P2P Support?
At first glance, all of Surfshark’s servers appear to be P2P-friendly. They don’t provide a list of dedicated P2P servers. But this is because Surfshark handles P2P traffic in a very thoughtful way.
Normally, a VPN provider hosts dedicated servers for P2P file-sharing. And they are usually located in jurisdictions that are less hostile to P2P traffic.
Surfshark also provides dedicated P2P servers, but the routing to these servers happens in the background.
So, you simply connect to the VPN server of your choice. Then, launch your favorite torrent client and Surfshark automatically routes your traffic through a dedicated P2P server, without any intervention on your part.
This is one of the best ways I’ve seen to secure P2P traffic over a commercial VPN.
For more information on Surfshark’s P2P support, take a look at our Does Surfshark Allow Torrenting / P2P? article.
Streaming / Netflix
Surfshark operate a streaming-friendly service.
And streaming over a VPN has a few advantages:
- Circumventing geo-restrictions
- Avoiding ISP bandwidth throttling
- The security benefit of a fully encrypted connection
They also support a feature called Camouflage Mode, which “disguises” your VPN traffic as regular traffic. This presumably works by routing your VPN traffic over port 443, 80 or 53, in the background. This can also help with throttling and geo-restrictions.Get Surfshark and save 83%!
Netflix banned VPN use from its service in 2018. And since then, many VPN providers claim to be able to get around the ban. Surfshark is one of them and they succeeded.
In our Does Surfshark Work With Netflix? article, I tested Surfshark on Netflix. And all I needed to do was connect to the server in the geographical location I wanted. It worked immediately and without any buffering issues.
But because of the way VPNs are blocked, a server that worked one day may no longer work a few days later. Switching servers would normally fix this.
If it does not, Surfshark offers some possible solutions to unblocking Netflix. And they fall just short of guaranteeing access.
It’s all clearly laid out in the linked article, above. Have a look if you want more information. Surfshark is probably the best VPN to use for unblocking Netflix and bypassing geo-restrictions.
Surfshark also supports split-tunnelling. This enables you to send out specified traffic outside the VPN. This will get your Netflix working if all else fails.
Let’s turn our attention to Surfshark’s policies. A VPN provider’s policies are as important, if not more than the features they offer.
Do they warn users if/when compromised by law enforcement?
Turning again to TorrentFreak’s 2020 edition of their Which VPN Services Keep You Anonymous guide, we can find answers to some important questions, such as the above.
“[Q:] What steps would be taken in the event a court orders your company to identify an active or former user of your service? How would your company respond to a court order that requires you to log activity for a user going forward? Have these scenarios ever played out in the past?”
“[A:] We have never received a court order or any logging requirement from the British Virgin Islands (BVI) authorities. If we ever received a court order from the BVI authorities, we would truthfully respond that we are unable to identify any user as we keep no logs whatsoever. If data retention laws would be enacted in the BVI, we would look for another country to register our business in. For any information regarding received legal inquiries and orders we have a live Warrant canary.”
Have they ever spied on their users at the request of law enforcement?
Their warrant canary claims that they have not. We have no reason not to take them at their word. But it still comes down to trust…
How do they respond to DMCA notices?
From the TorrentFreak guide:
“DMCA takedown notices do not apply to our service as we operate outside the jurisdiction of the United States. In case we received a non-US equivalent, we could not be of any help to authorities because of our strict no logs policy. It would simply not be possible to attribute any claims to a specific user as we have no information about any of our current or former users.”
Surfshark stands by their strong no-logging policy. Specifically, they commit to not collecting:
- IP address
- Browsing history
- Used bandwidth
- Session information
- Network traffic
- Connection timestamps
“The information we collect contains aggregated performance data, the frequency of use of our Services, unsuccessful connection attempts and other similar information.”
Now, this should not be seen as ominous. A VPN provider does need to assess the performance of their network and make adjustments when necessary. As I wrote in my Is Surfshark Safe? article, I would just like them to provide a bit more information.
They could perhaps explain what “aggregated performance data” means and implies.
And how “the frequency of use of our service” and “unsuccessful connection attempts” differ from “session information logs” and “connection timestamps”.
Surfshark is a little bit opaque on certain points and I would encourage them to open up a little bit.
To be clear, I view this as a communication issue more than a security issue. But clarification could make their VPN service, which is already very good, that much better.
We reached out to Surfshark to see if they could clarify this point for us. And they did. Here’s their response:
"Aggregated performance data allows us to analyze the information that would help us improve in the future or to proceed with simple customer needs. For example, we keep some payment information in order to be able to help our users if they are in need to change their email/password or if there comes an occasion for refunds. However, the majority of payment data is being held by payment processors, thus we get only a mere amount of it to complete our users’ requests."
We're Not Alone
A quick Web search (use duckduckgo, please 🙂 reveals that I’m clearly not the first to review Surfshark. At the same time, you’ll realize I’m not the only one who provides a positive review.
I found many high-quality reviews on the Web that reinforce what I wrote. Here are a few of them:
“I recommend Surfshark for its rich suite of security-focused features, its privacy-inclined jurisdiction and its competitive speeds”.
“I highly recommend Surfshark, if you are looking for an affordable choice for all your VPN-related needs. […] Above all, my Surfshark review finds that the VPN unblocks Netflix, downloads torrents securely, and delivers excellent digital privacy, hence why it ranks 1st in our listing. The VPN is free from WebRTC/DNS/IP address leakages, offers amazing support for all platforms, and provides users with unlimited simultaneous connections, as a first in the VPN industry”.
“Budget VPNs don't have to be feature-free, and Surfshark is the proof - it's absolutely stuffed with advanced functionality, yet is half the price of many competitors”.
NordVPN is an excellent VPN service, based in Panama. They offer a great mix of security, privacy, and convenience.
DNS leak protection, CyberSec, strong encryption, VPN kill switch have you covered on the security front.
And dedicated P2P servers, native apps for every major (and not so major) platform, and up to six simultaneous connections (or more with a VPN router) make the service very user-friendly.
- Industry-Standard Encryption
- Native Applications
- Strict No-Logging Policy
- Ads & Tracker Blocker
- VPN Kill Switch
- Tor Over VPN
They support almost every platform available and offer helpful guides on setting up their service on all of their supported platforms.
- Based in Gibraltar
- Strict no-logging policy
- Support Multihop servers
- Accept cash and bitcoin
- Blocks ads & trackers (AntiTracker)
- Owns and controls its entire infrastructure
Private Internet Access (PIA) is a U.S. based VPN service. They put a strong focus on privacy and security while offering a large number of features. They also have a strict and proven no-logging policy.
They have over 3386 servers in 42 countries. They support many VPN protocols, including the obsolete and insecure PPTP protocol (unfortunately).
PIA is also one of the cheapest high-quality and secure VPN services out there.
- Based in the United States
- Strict no-logging policy
- Blocks ads & trackers
- SOCKS5 Proxy support included
- Over 3386 servers in 42 countries
- One of the least expensive high-quality VPN Providers
So what’s the verdict of our Surfshark VPN review?
Surfshark provides a very good VPN service. They are able to balance security, privacy, and convenience in a thoughtful way.
With DNS leak protection, CleanWeb, strong encryption, a VPN kill switch, your online activities are protected.
And dedicated background P2P servers, native apps for every major platform, and unlimited simultaneous connections offer a level of convenience we’ve not seen elsewhere.
They also rent their infrastructure from large data centers, which introduces vulnerabilities, due to possible third-party access.
Surfshark is rather new in the commercial VPN space. So time will tell if they manage to stay on top of their game and of the VPN market. But we can confidently recommend them to anyone seeking to secure their online activities and enhancing their privacy.
Check out Surfshark’s website for more information.
Surfshark In-Depth Review: Everything You Need To Know
By Marc Dahan
Last updated: May 10, 2020