Methodology
Our scoring is hybrid: every VPN is evaluated against a fixed list of criteria, each criterion becomes a colour-coded cell worth 0–1, category scores are the weighted average of their criteria, and the overall score is the weighted average of category scores. There are no hidden numbers. This page is generated from the same configuration that powers the grid.
Three kinds of tool
Not everything called a “VPN” is the same product, and scoring them on one scale would mislead. We tag each tool by type, and only the traffic-routing ones are ranked against each other:
Provider.A conventional VPN that routes your traffic through the company's own servers (Mullvad, Proton, IVPN…). Scored in full.
Mixnet.Routes traffic through a multi-hop mix network with cover traffic that resists the traffic-correlation attacks ordinary VPNs can't (e.g. NymVPN). Still a traffic-routing service, so it's scored on the same rubric.
Mesh. Links your own devices privately, Tailscale-style (e.g. NostrVPN), with no traffic-exit provider. There is no provider no-logs policy, jurisdiction, or server network to rate, so we list mesh tools but don't give them a head-to-head score. Comparing one to NordVPN would be apples to oranges.
How a cell is scored
- ✓ Good: meets the bar (score 1.0).
- ∼ Partial: partially meets it (0.25 to 0.6).
- ✗ Poor: fails it (score 0).
- ? Unknown or N/A: excluded from averages, so missing data never inflates or sinks a score.
Category weights
| Privacy | Jurisdiction, logging policy, and how anonymously you can sign up and pay. | 30% |
| Security | Protocols, kill switch, and leak-resistance features. | 20% |
| Transparency | Independent audits, open-source clients, and diskless infrastructure. | 30% |
| Value | Price, refund window, and whether a free tier exists. | 10% |
| Ethics | Honest marketing and consistent privacy claims. | 10% |
Criteria
Privacy
| Jurisdiction | Whether the operating country belongs to the 5/9/14 Eyes intelligence-sharing alliances. Outside all three scores best. | 27% |
| No traffic logs | Does the provider record the contents or destinations of your traffic? `None` is required for a credible privacy tool. | 27% |
| No connection metadata logs | Connection metadata: DNS requests, timestamps, and source IP. Scored as the worst of the three. | 18% |
| Anonymous signup | Can you create an account with no email address or personal info? | 18% |
| Anonymous payment | Accepts cash and/or cryptocurrency for untraceable payment. | 9% |
Security
| WireGuard | Offers the modern, fast, audited WireGuard protocol. | 25% |
| OpenVPN | Offers the mature, widely-trusted OpenVPN protocol. | 13% |
| Kill switch | Blocks all traffic if the VPN tunnel drops, preventing IP leaks. | 25% |
| Multi-hop | Routes through two servers so no single server sees both ends. | 13% |
| Obfuscation | Disguises VPN traffic to bypass censorship and DPI blocking. | 13% |
| First-party DNS | Runs its own DNS resolvers rather than leaking queries to third parties. | 13% |
Transparency
| Open-source clients | Are the apps open source so the privacy claims can be independently inspected? | 30% |
| Independent audits | Published third-party audits of no-logs claims, apps, or infrastructure. Two or more scores best. | 30% |
| RAM-only servers | Diskless servers that wipe all state on reboot. | 10% |
| Transparency report | Publishes a warrant canary or regular transparency report. | 10% |
| Court / seizure-tested no-logs | No-logs proven in the real world by a server seizure, police raid, or subpoena that produced no usable user data. Counts as a bonus only. | 20% |
Value
| Price (best $/mo) | Effective monthly cost on the cheapest long-term plan, in USD. Cheaper scores higher. | 50% |
| Refund window | Money-back guarantee length. 30 days or more scores best. | 25% |
| Free tier | Offers a genuinely free tier, not just a trial. Counts as a bonus only. | 25% |
Ethics
| No false claims | Avoids misleading "100% anonymous / military-grade / total privacy" marketing. | 50% |
| Consistent logging policy | No contradictions between the marketing copy and the privacy policy. | 50% |
Verification policy
- · A VPN appears on the site only once we have re-verified it against primary sources. Unverified or legacy data is never shown as current.
- · Every published record carries a
lastVerifieddate and a list of sources, enforced at build time. - · Anything we cannot confirm is marked unknown rather than guessed.
- · The data reflects a point in time. VPNs change pricing, ownership and policies often, so always confirm on the provider's own site.
What we don't (yet) score
Connection speed is deliberately excluded because it is volatile, route- and time-dependent, and easily gamed by marketing. Website-privacy metrics (trackers, cookies) are collected in our schema but not yet scored. Both are on the roadmap.
Attribution & licence
The comparison framework is adapted from That One Privacy Site's VPN comparison chart, used under the Creative Commons BY-NC-SA 4.0 licence. In keeping with that licence and our own principles, this site is non-commercial and carries no affiliate links. We are not paid by, and do not accept money from, any VPN we rank. The visual approach is inspired by PrivacyTests.org.