What Does a VPN Do? How Does a VPN Work?
When you use a VPN, you’re creating a secure and encrypted “tunnel” for internet traffic between your device and the wider internet — including the websites you visit and the apps you use. This prevents outsiders from intercepting and reading your data.
Using a VPN also enhances online privacy by hiding your IP address, which keeps your browsing activity anonymous and mostly untraceable.
Below, we dig into what VPNs hide and how they do it. We also explore how encryption and tunnelling work, and compare the most common VPN protocols:
- What Does a VPN Hide?
- How Does a VPN Hide My IP Address?
- How Does Encryption Work?
- How Does Tunneling Work?
- Comparing VPN Protocols
What Do VPNs Hide?
Protecting your connection with a VPN encrypts your internet traffic. This conceals your browsing history, location data, and other personal info from outsiders.
When you use a VPN, your online actions become invisible to your ISP, and makes it more difficult for identity thieves and hackers to get your information.
How Does a VPN Hide My IP Address?
Your IP address is typically assigned based on the physical location of your computer or phone. When your internet connection is routed through a VPN server, that location-based IP address is replaced with the VPN server’s address.
Once this happens, the websites and online services you’re using see the VPN’s IP address instead of yours, masking your physical location and contributing to your online anonymity.
How Does Encryption Work?
Encryption acts like a digital lockbox. It turns your data into a “secret code” during transmission. This means even if someone intercepts your data (like your ISP), without the unique decryption key for your device and VPN, it remains unreadable.
VPNs employ this technology to create secure tunnels for your internet traffic. Once you connect, everything you do online is effectively shielded from outside eyes. This encrypted connection also helps preserve your privacy, ensuring only you can access your information.
How Does Tunneling Work?
Tunneling technology wraps your data in highly secure “packets” for its journey across the internet, effectively enabling it to traverse public networks with a high degree of safety.
This process not only conceals the nature and destination of your internet traffic, but also significantly enhances the security of your online activities by shielding them from potential surveillance and unauthorized access.
Comparing VPN Protocols
VPN protocols determine how data is transmitted and encrypted between your device and the VPN server. These protocols affect VPN speed, security, and reliability. The five most common protocols are:
- WireGuard is a modern open-source VPN protocol known for simplicity and high-speed performance, utilizing state-of-the-art cryptography to provide secure, efficient connections. (The DuckDuckGo VPN uses WireGuard.)
- OpenVPN is a customizable open-source protocol offering robust security and compatibility with a wide range of devices, making it a popular choice for its flexibility and reliability.
- Secure Socket Tunneling Protocol (SSTP) is a Microsoft-developed protocol that excels in bypassing firewalls and provides strong security by using SSL/TLS encryption over TCP port 443.
- Internet Key Exchange version 2 (IKEv2) combined with IPSec is a fast and secure protocol, known for stability and ability to quickly re-establish a VPN connection in case of temporary disconnection.
- Layer 2 Tunneling Protocol (L2TP) combined with IPSec is a widely used protocol providing a good balance between security and speed. However, it may be slower than more modern protocols like WireGuard.
Prior versions on GitHub.