Hotspot Shield boasts more than 600 million clients around the world, which make it one of the most popular options on the VPN market. However, popular and good is not the same thing. We all want a VPN service to be secure and protect our identity from prying eyes. Can Hotspot Shield provide it? Here is my investigation of the service to answer a simple question: “Is Hotshop Shield safe?”
Company’s Jurisdiction
Hotspot Shield is the US-based company. While the USA may be a great choice for companies thanks to its stable economic and political climate as well as favorable legislation for corporations, it is not the best option for security-focused businesses. The country is a prominent member of the 5 Eyes spy alliance, which is known for surveillance and interception of commercial and private communication.
If the US government is keen on getting some data it may turn to a VPN provider and demand it yields access to customer files. Moreover, they can order that a VPN keeps silence about it so that users will never know they are spied on. Thus, Hotspot Shield’s jurisdiction doesn’t imply that the service is safe.
Hotspot Shield Logging Policy
Some VPNs are doing fine on security matters even if they are registered in security-unfavorable countries. To do so, they need to implement a zero-logging policy. It means that a service consciously retains no data about its users. Unfortunately, it is not the case with Hotspot Shield.
Their privacy policy allows them to collect data about the devices you use, operating system, language, as well as data regarding your wireless and mobile network. Although the company says this info can’t identify a user, it is not so. When data about your approximate location and a network is known, it is not a big problem to find your device.
It is reliably known that the service closely cooperates with marketing and advertisement companies (that make it possible to use this VPN for free). The provider claims it doesn’t share personal user data with such third-parties. This said, it doesn’t stop advertisers to collect data on your activity on their own. Moreover, a CSIRO study showed that Hotspot Shield actually collects information on users’ activities by inserting tracking codes. That’s not all. They caught the company red-handed when it routed clients’ traffic through networks of their affiliates to earn more money.
Hotspot Shield Security Features
One more thing that helps to ensure user security is data encryption. Today, most VPNs use the cutting-edge OpenVPN security protocol that is considered to be uncrackable. Additionally, providers pair it with AES 256-bit cipher that is currently impossible to unlock (unless you have a spare couple of hundred years). OpenVPN is an industry standard and every VPN service proudly says about it on its website.
If you take a look at Hotspot Shield’s website, there are no mentions about the type of security protocols they implement whatsoever. The only thing they say is that a military-grade encryption is in place. Usually, this term describes OpenVPN but once again, nothing pinpoints to this particular protocol directly. It is known, however, that their protocol is backed up with perfect forward secrecy (ECDHE) and 128-bit AES data encryption. 128-bit cipher is not the best option but it will do, perfect forward secrecy is actually great (it allows generating a new key for each session) but without knowledge about a security protocol it is impossible to say how safe they really are.
Not only are their security features questionable but also I have discovered DNS leaks through their Chrome extension. While some may think it is not a big deal, a serious privacy-focused service will never let it happen. Fortunately, it was the only type of leakage I experienced, so you are protected from IP and WebRTC leaks.
Finally, to keep your identity intact many VPNs offer anonymous payment methods such as cryptocurrencies or gift certificates. It is not about Hotspot Shield either. You can pay for your purchase with a credit card, PayPal or money transfer systems (Alipay, Qiwi Wallet, etc.). Therefore, the service put your identity at danger right when you make a deal with it.
There is some positive stuff about Hotspot Shield, too. If you want to know what exactly just check my detailed review.
Hotspot Shield Alternatives
You don’t have to opt for a service that can’t protect your privacy. The best you can do is switch to a provider that will put your security firs. Just a service exists and its name is NordVPN. It is a genuinely zero-logging VPN that is based in privacy-friendly paradise (Panama). Every aspect of its service is up to par, including state-of-the-art encryption, anti-leakage measures, and an abundance of advanced features (I nod to double encryption and likewise functions).
Conclusion
Hotspot Shield does not live up to expectations regarding its security facilities. Its jurisdiction won’t protect you from snooping on your activity. Logging policy allows advertisers to monitor your online behavior. Encryption protocol is basically kept secret so I can’t even conclude how safe it is. Occasional leakage is possible and there are no privacy-enhancing paying methods. So, if you are asking if Hotspot Shield is safe, the answer would be ‘no’.