NordVPN is among the most popular VPNs, depending at the present time; however, its functions have improved significantly in the past several years. Not only does it shield your Web traffic, but using Threat Protection Pro, it scans your downloaded files for viruses as a traditional antivirus would and has impressive scores on fraudulent and malware hosting URLs. I would like to discuss all these features
offered in a single app, making NordVPN deserving of our Editor’s Choice award. There is no single Editor’s Choice in this category, but two of them stand out in every way: Mullvad VPN, which provides maximum privacy, and Proton VPN, which is five-star, more affordable, and simpler than NordVPN.
How Much Does NordVPN Cost?
In its pricing options, NordVPN offers the Standard plan for just $12.99 a month/$59.88 for the first year, which comes with just the VPN service itself. The Plus tier costs $13.99 monthly or $69.48 for the first year. It includes the NordPass password manager, breach scanning like HaveIBeenPwned, and the Threat Protection Pro in-house antivirus solution, which we’ll explain later.
The Ultimate tier, which used to be called the Complete tier ($14.99 per month or $83.88 for the first year), will come with 1TB of encrypted cloud storage via NordLocker and identity protection services up to $1m for the user if they are lost. These renew at the mentioned annual rates per year.
It should also be noted that in April of 2024, NordVPN was included in a sweep of class action lawsuits on behalf of California and North Carolina states regarding its renewal strategy of annual plans. However, some of those prices above that look so promising the first time,
if you let your subscription renew for the second year, users claim they are charged up to 200% of the initial amount they paid and receive very little notice of the increase before being charged.
Although this is not an unusual practice in the industry, it is not hard for some users of Nord and other online services to find out that it was precisely targeted for this reason: canceling the subscription was too hard, and the conditions of renewal were not explained clearly enough when one subscribed.
The case is still under arbitration, and this review will be updated when each state has settled on the motion’s result.
While the above-mentioned discounts may appear attractive initially, we advise that our readers do not promptly uptake long-term plan discounts. In fact, to start, the person could adopt a weekly or one-month plan to test the service.
Please remember that NordVPN may use different pricing depending on the time of year or your location. But there appears to be no rigging this system other than connecting to the site, deleting the cookies, and praying that the desirable discount comes up each time. Currently, NordVPN has no free trial or test subscription for interested users.
Currently, NordVPN accepts payment using all major credit cards and even cryptocurrencies through CoinGate, Google Pay, and PayPal. As of this writing, the average cost for a VPN service we’ve reviewed is about $10.14 per month and $57.61 per year. This makes NordVPN one of the most costly VPN solutions we’ve reviewed across segments, tiers, and subscription terms.
It’s possible to obtain the best VPN service for less. For example, Mullvad VPN costs 5 euros per month, while Proton VPN costs $11.49. It offers almost the same set of features and half the number of simultaneously connected devices as NordVPN.
Nord VPN has a feature of the multi-hop connection known as Double VPN. Actually, they make your connection pass through two VPN servers instead of only one. That way, if one leg of the connection is penetrated, your internet connection stays protected. It also lets you jump directly on the TOR network without using the app.
Split tunneling allows selecting which application uses the VPN connection and which one will connect directly. As for the VPN connection option, NordVPN allows or denies the VPN connection for the particular app.
However, the company doesn’t offer split tunneling for its iOS and Mac OS applications. Not many products include split tunneling, access to the Tor network through a VPN server, and multiple connection hops.
NordVPN also now offers a service called Threat Protection Pro and other features not normally associated with a VPN. The company says it eliminates online threats such as unauthorized sites, scans downloads for threats, and prevents trackers and ads.
We will examine this feature in more detail later in this review section. Other companies, for example, have ventured into similar waters with Surfshark One; others have antivirus companies that have begun bundling VPNs with their products.
Thus, it is worth pointing out that even with the help of a VPN, one is not invulnerable to every danger. Everyone should enable multi-factor authentication whenever possible, set individual long and complicated passwords for every site and service with the help of a password manager, and install antivirus.
What VPN Protocols You Can Get From NordVPN?
NordVPN has switched to NordLynx (based on WireGuard) in many Android, iOS, macOS, and Windows applications. OpenVPN is also supported in all of those systems. IKEv2 is available only for iOS and macOS applications.
OpenVPN has been considered the best VPN protocol for some time, but many people are starting to use WireGuard. It’s easy to see why. Nevertheless, WireGuard is open source and offers more new encryption schemes and better speeds than OpenVPN.
Where NordVPN Is Located
On the 26th of March 2024, NordVPN stated that the company had covered only 60 countries earlier and had advanced to 111 after the company had carried out a network update. That is a large increase, though some VPN companies still beat it. For instance, PureVPN has VPN servers in 139 countries, Surfshark – in 100, and HMA has about 190.
Again, as with many VPNs, most physical servers are in America and Great Britain. However, NordVPN has also anonymously located the multicultural server switch. The company currently has one place in Africa (South Africa) and several in South America—two continents the majority of services avoid.
For instance, NordVPN provides servers in Hong Kong, Turkey, and Vietnam—all nations renowned for their meddlesome web policies. Unlike Russia, the company provides servers in Ukraine. Please remember that we don’t recommend which VPNs to circumvent government censorship, as the cost of making a mistake in this case is simply too high.
Is NordVPN Trustworthy?
VPNs are generally very reliant on their servers, as all your internet connection goes through them. In each case study, we also read through the firm’s privacy policy and reported security and privacy concerns to the firm. We didn’t see anything shady here, but NordVPN’s policy was structured in a way that was less friendly to readers than Tunnelbear’s.
As we’ve seen in our conversations with the company and stated in its privacy policy, NordVPN does not track browsing history, traffic, or IP addresses. That’s as it should be.
Still, according to NordVPN’s privacy policy, your username is stored for the last session of NordVPN, and the time is stored only for 15 minutes after the session. That’s good. A third confirmed this, as highlighted in the following third audit.
An official from NordVPN clarified that the company has no interest in selling user data for monetary value. The company only earns revenue from customers’ subscriptions and has no diversified income source.
NordVPN’s legal jurisdiction and incorporation are in Panama. Specifically, Panama has no legal obligation to retain data for a particular period. The company also states that it only processes data in response to a legal requirement, which would only be a court order or subpoena from a Panamanian court.
According to NordVPN, the company has offices in other countries besides Panama, and it was started in Lithuania. Today, many VPN companies publish the results of international independent checks to establish confidence. Two audits by PriceWaterhouseCoopers (PWC) were conducted regarding NordVPN in 2018 and
In 2020, VerSprite published penetration reports in NordVPN’s apps in 2021. In January 2023, NordVPN published an audit from Deloitte to confirm the company was not violating its policy of not logging the activity of the users. Two reports by the Cure53 German cybersecurity firm from February 2023 analyzed NordVPN’s
apps and infrastructure. As stated by the company, different important problems were reported concerning the critical, high, and medium levels and were solved by the developers; moreover, their effectiveness was checked by Cure53. The ability to perform audits may be imperfect; nonetheless, audits remain a form of most welcome accountability.
It is good to see NordVPN carry out third-party audits and produce more for analysis, even though we anticipate the company committing to independent annual audits like TunnelBear has.
First Impression of NordVPN for Windows
To test, we installed NordVPN on our Intel NUC 13 Extreme Kit Raptor Canyon test PC on the latest Windows 10 OS with ease. It has changed its looks quite a bit since the last time I reviewed it here. This includes an all-new start screen with separated blocks: There was a separate RADIUS server for the VPN, Threat Protection Pro, and another for File Sharing.
One of the entertaining factors is an onboarding wizard in which you can view brief info about the VPN’s features and make some changes before starting. For example, you can set when NordVPN should connect and how it will work when the kill switch is on. Of course, it also invites you to download its other products:
NordPass and NordLocker. We were also nudged to set up the NordVPN browser extension, but we had to authorize it in the browser (Chrome) ourselves before we could use it.
The developers of NordVPN are trying to sell its app as a low-maintenance, easily automated service. An option in the status bar called a Pause button will shut down the VPN connection but get you
to reconnect immediately after 5 minutes, 15 minutes, or 1 hour. You can also use the pause button to indicate that the present network is safe and does not need a VPN to be on at all. Pressing the power button brings a warning that it will turn the VPN off; however, when the app starts, it reconnects to the internet by default.
It is assumed that you need the application to work continuously, but sometimes, this can become quite intrusive if that’s not your approach to VPNs.
Ultimately, I found NordVPN’s Windows performance among the best, for a good reason: the price and its status within the VPN market.
NordVPN Threat Protection Pro
Several years ago, NordVPN launched Threat Protection as antivirus software with standalone functionality. There was no on-demand scanner, local files were not scanned, and web protection was only active, mainly at the VPN level, to say the least. To gauge how subpar the customized apps must have been, the feature was soon returned to the main NordVPN product as part of the extra package, which is now incorporated.
The current version of Threat Protection Pro is a somewhat better package than the first attempt, but it is still not a full antivirus. Its own documentation says that “Although Nord VPN’s Threat Protection Pro is not an antivirus app in the first place, it’s an antivirus app in the way it plans on working and offers features that an
actual antivirus does such as scanning downloads for malware and blocking threats before it encounters the URL it is planning on attacking.”
Still, most clients will associate it with other antivirus apps, and with good reason, for it is one in many ways. We ran the Threat Protection Pro component through its regular antivirus tests, achieving results from below average to ideal.
Threat Protection Pro consists of three main components: Web protection, fire protection, and vulnerability, some of ColdFusion’s primary capabilities. Web protection can mean a feature that would scan and handle viruses and malware found in local files; however, file protection describes NordVPN’s ability to recognize malware from the internet through downloads and open attachments.
Malware in Relation to Download-Specific Protection
The traditional solution of antivirus software lies in its ability to offer a quick or full-scheduled, one-time scan of the PC for any signs of malware. It is also performed on any type of access scanning files, and the majority add some form of behavioral analysis to detect malware that passes other detection methods.
Instead, NordVPN Threat Protection does none of these things. It only targets downloads, scans every page you open, and scrutinizes every file in your system. It will not be able to scan for files gotten through an infected flash drive or any malware files that may have been on the computer before the application was installed. But if it fails to identify a threat while downloading, it cannot then have another shot at preventing nasty conduct.
On the bright side, the app developers take pride in having their own engine. As Nord states, “ Threat Protection Pro employs in-house engines created by Nord Security—we do not incorporate any SDKs from outside. This way, these engines could be developed in-house, and thus, the capability to deliver the products that our customers need was gained.
The first part of our traditional malware detection test sees us run several folders of carefully selected malware samples. Most tools begin moving through the samples immediately, whereas others annex them just before each program runs. As with PIA, we had to deviate from the regular testing process to get
any reaction from NordVPN – it doesn’t test local files. It was (again, mentally monotonous) a basic shift: we just copied the samples to cloud storage and then downloaded it.
Excellent Phishing Detection
If a malware gang can sneak an attack program through all the defenses to deposit it on your machine, that program has to deal with any resident antivirus and the integrated antivirus features of the operating system. Writing good viruses is difficult. Phishing fraudsters do not bother with such toil and go straight for the jugular, which is the user.
A phishing site is an effective copy of a certain site to which it refers and resembles it as closely as possible. Once you fail to heed the signs and log in via the fake site, the account is in the hands of the phishing gang. It should come as no surprise that banking and financial sites are a favorite because most fake websites can be anything from webmail to dating sites to game sites.
For the purpose of our antiphishing test, we gather samples from websites that list reported frauds and similar things. This way, we ensure that there are items that have not been reported to antiphishing blacklists because they just came into circulation, and there are items confirmed to be fake.
Next, we installed four browsers: one será protected by the antivirus under test, and the other three are the protection built in Chrome, Edge, and Firefox. We release each sample simultaneously in the four browsers and document how each defender counteracts it.
If any of the four hits an error message, that URL heads straight for the scrap heap. With this,
we also discard any not evidently trying to phish login details. We then see the stats after testing the samples on an average of hundreds.
More on Threat Protection Pro
Sometimes, extra features make up for the lack of high quality in some aspects of a software tool.
After the web protection icon on the Threat Protection Pro page, you can click on the link called View Activity and Customize, which leads you to the web protection settings page.
Here, you’ll find more features beyond the big three already mentioned. As a result, we classify it as a scam site detector, web tracker blocker, ad blocker, URL trimmer, and search results safety indicator. The URL trimmer only eliminates things like tracking code from the URLs your browser goes to; the rest have a little more to them.
A fraud alert notifies you if the site you visit is notorious for conning people into parting with their cash in return for a product that may not exist or is a blatant fake. When invoked, it shows the site in a panel within the warning page. This is rare, though Norton has the browser safety feature and scam, while Bitdefender has numerous safety features that warn of different types of fraud.
Each time you traverse a web page, your browser accompanies many details about you that they use to offer you the best experience. That information also goes to every third-party advertisement and tracker that exists on that page. Combining the data received from different third-party elements scattered across various sites,
trackers learn all sorts of specifics about your preferences or, in other words, a profile they might use to guide your experience. Sometimes, it seems that even commercials that are not associated with tracking can be particularly irritating. NordVPN has the noble goal of stopping this and saving you from annoying ads.
Like most other VPN services such as Windscribe, ExpressVPN, Proton VPN, and many others, NordVPN also contains the rather despotic option to block all known ad and tracker sites based on their DNS. The subscription service of Threat Protection Pro extends this protection to a superior level of ad and tracker blocking,
which is seen quite frequently in many security suites and antivirus solutions. Many free programs with this feature achieve it with a browser extension, including Bitdefender and Avira Free Security. Usually, the extension’s toolbar button shows the number of trackers on the page, extended info & options with one click.
NordVPN does not disclose data regarding how many advertisements are associated with the toolbar button. It does not record the items that are blocked and don’t offer an easy method by which one could manage the settings of just which trackers get blocked. Of course, we could try it immediately by opening an ad-filled page on two devices, one where NordVPN is connected and another where it is not.
Similar to Norton, Bitdefender, and other such software, NordVPN Threat Protection scans results from several search engines and flags anything that it discovers to be malicious. NordVPN does a pretty good job at the bare minimum of making sure you are not led into dangerous search results, though Norton takes it a step further by providing a full report on any site.
NordVPN Speed and Performance
VPN can slow down or increase the time it takes to download files and collect information, affect the rate at which you upload files, and impact your latency. To understand the extent to which VPN influences our tests, we developed a benchmark. For more, read the ethics policy displayed in this publication’s Editorial Mission Statement.
In our latest runs, NordVPN delivered the sixth-lowest Point of Contact score of 9.6% reduced download speed test outcomes and 26.27% diminished upload speed test outcomes. The corresponding increase in our latency results was 11.84% during the same run. These results are quite good overall.
