Support Centers

What is Secure Core VPN?

Proton VPN offers a Secure Core feature which enhances the privacy and security of users by reducing the potential risks stemming from a compromised VPN server.

 

One common tactic for exposing VPN traffic involves compromising the server responsible for managing the traffic, a threat that is especially worrisome when servers are located in high-risk jurisdictions. In order to address this risk, Proton VPN has implemented Secure Core servers. This article provides a summary of the various attacks and threats that Secure Core helps to mitigate, explains how it enhances VPN privacy, and includes instructions on how to activate Secure Core within Proton VPN.

What is the protection offered by Secure Core?

Proton VPN employs a unique Secure Core architecture to provide our users with protection from network attacks that other VPNs are unable to defend against. In a typical VPN setup, a client’s traffic passes through a VPN server before reaching its final destination. If an attacker gains control of the VPN server or can monitor the server’s network, they can match the VPN client’s traffic and undermine the privacy benefits of the VPN.

 

These timing/correlation attacks are relatively easy to execute. In countries with restrictive internet regulations, such as China, Russia, Iran, and Turkey, or countries with extensive surveillance powers, such as the USA and UK, government surveillance agencies typically have the legal authority to coerce either the VPN provider or the VPN provider’s network/server provider to assist with such network monitoring. Therefore, even though Proton VPN is based in Switzerland, we cannot guarantee that our VPN servers located in high-risk countries are free from government monitoring.

What is the impact of Secure Core on VPN privacy?

The Secure Core feature of Proton VPN is designed to safeguard VPN privacy against potential threats by routing user traffic through multiple servers. When users connect to servers located in high-risk jurisdictions, such as the US, their traffic is first routed through Proton VPN’s Secure Core servers. This means that even if an attacker monitors Proton VPN’s servers in the US, they would only be able to trace the traffic back to the edge of the Secure Core network, making it significantly more difficult to determine the true IP address and location of Proton VPN users.

 

Proton VPN has taken extensive measures to secure its Secure Core servers. The servers are located in countries with robust privacy laws, such as Iceland, Switzerland, and Sweden, and are hosted in high-security data centers with physical security measures in place. In Switzerland and Sweden, the infrastructure is located in underground data centers, while in Iceland, the servers are situated on a former military base. Additionally, Proton VPN wholly owns and provisions the Secure Core servers, which are shipped directly from their offices. Finally, the servers are connected to the Internet using a dedicated network with IP addresses that are owned and operated by Proton VPN’s Local Internet Registry (LIR).

 

These measures provide a high level of certainty that Proton VPN’s Secure Core servers have not been tampered with. While no security system can guarantee 100% protection, Secure Core is one of the ways that Proton VPN delivers better security and privacy by defending against complex attacks that other VPNs may not be able to prevent.

What is the process for activating Secure Core?

The Secure Core feature is offered on all Proton VPN paid plans and can be activated by performing the following steps:

Windows, macOS, and Linux

1.To activate Secure Core on the Proton VPN app, simply open the app and click on the Secure Core button. Then, select the option to turn Secure Core On.

2. Choose a country and click on “Connect” to establish a secure connection through one of our Secure Core servers. Alternatively, you can click on the downward-pointing arrow next to a country and select a Secure Core server to route your connection through.

It should be noted that our Secure Core locations may not be able to establish connections with all countries.

Android and iOS / iPadOS

1.Launch the Proton VPN application and activate the Secure Core feature by flipping the switch to the on position.

2.Select the country you want to use as your VPN exit point, and then activate the on button beside the Secure Core location you prefer to route your connection through.

Please be aware that our Secure Core locations do not offer connectivity to all countries.

Protect your online security

Obtain Proton VPN
  • Strict no logbook policy
  • All applications are open source and vetted
  • H-speed server (up to 10 Gbps)
  • Headquarters in Switzerland
  • Our guarantee ensures a full refund within 30 days.