Surfshark VPN Review
Surfshark is an interesting VPN that comes packed with features, works just about everywhere and has one of the best value introductory deals.
The network contains more than 3,200 servers spread over an impressive 160+ locations in 65 countries.
There are apps for Windows, Mac, iOS, Android, Linux, Chrome and Firefox extensions, a Smart DNS unblocking website for game consoles, smart TVs, and more.
Whatever you’re using, you don’t have to worry about annoying ‘simultaneous connection’ limits – you can install and run Surfshark on as many devices as you want.
The service is excellent in terms of the technical basics, including strong AES-256-GCM encryption, WireGuard, OpenVPN and IKEv2 support, Shadowsocks to help you bypass VPN bans, a no-logs policy, and a kill switch to protect you in the event of a connection drop.
- Surfshark subscription options:
- 24-month plan – $2.21 per month (total cost $53.04)
There is real depth here. Android apps can see most VPNs by asking for your actual location, but not Surfshark – GPS Spoofing allows you to return the coordinates of your chosen VPN server.
Oh, there’s also URL and ad blocking, P2P support on most servers, VPN chaining (use two servers for one hop), split tunneling, corporate DNS servers, and 24/7 support via email and live chat if anything goes. wrong.
Embarrassed. Especially since we haven’t mentioned updates since our last review.
Surfshark has undergone a new security audit, for example, this time looking at its servers.
App updates and improvements include version 3.0.0 releases for Windows and Mac, iOS and Android tools, Apple M1 compatibility, and a split-tunneling Bypasser-like system for browser extensions.
More ambitiously, the company is branching out into the world of security with the release of Surfshark One. This new security suite includes a VPN, an on-demand Avira-powered antivirus, an alert system to warn you if your details appear in a data breach, and a privacy-friendly, ad-free and tracker-free internet search tool.
Surfshark One’s new plan includes data breach alerts and privacy-friendly internet search (Image credit: Surfshark)
As you’ll see, courtesy of Surfshark’s price and deal guide, the service’s monthly plan is more expensive than some, at $12.95, and a six-month payment up front still cuts the cost down to just $6.49.
The 12-month + 12-month free plan is a great deal for the first period at $2.49, but doubles on renewal to $4.98 for the annual plan.
This initial price beats most of the competition, but there are some exceptions. Their three-year Private Internet Access plan costs just $2.19 a month, for example, and has a simple on-demand antivirus.
The new Surfshark One plan gives you all the same VPN features, adds Avira-powered antivirus, data breach monitoring, and privacy-friendly internet search. You can activate it for an additional $1.99 a month. cheap? Well, it’s a very basic setup. The antivirus supports on-demand scans, for example, but it doesn’t have any real-time protection, so it’s not a replacement for a full-fledged antivirus app.
Surfshark One also gives you an Avira-based antivirus, but it’s basic (Image credit: Surfshark)
If security is a priority, keep in mind that most major antivirus companies now also include VPNs. Avast One gives you much more capable security and antivirus tools, and an unlimited VPN, for $3.99 per month for the first year, and $8.33 on renewal.
Surfshark’s seven-day free trial for Android, iOS, and Mac gives you some time to try out the service for yourself. We’d like something for Windows users too, but it seems unfair to complain when many providers don’t have experiences at all.
Surfshark offers more than you would expect with its suite of payment methods, with support for credit cards, PayPal, cryptocurrencies, Amazon Pay, Google Pay and Ali Pay.
But if you sign up after all that and find the company isn’t right for you, no problem – you’re protected by a 30-day money-back guarantee.
Surfshark keeps no logs of its users and the service protects your connection with AES 256 encryption and a kill switch (Image credit: Surfshark)
Privacy and Registration
Surfshark’s privacy features start with the basics of VPN: secure protocols (OpenVPN UDP, TCP, WireGuard, IKEv2), AES-256 encryption, a kill switch to prevent internet access and prevent identity leakage if the VPN connection fails.
But this is just the beginning. Surfshark has its own DNS on every server to reduce the chance of others spying on your activities. And the ability to use a double hop VPN (connect to Paris, for example, and then leave Surfshark in New York) makes it difficult for anyone to follow your tracks.
Like ExpressVPN, Surfshark is based in the British Virgin Islands, and the company notes that this means it’s not necessary to keep logs of user actions.
The login FAQ page makes this clear, and explains that Surfshark does not collect: “incoming and outgoing IP addresses; browsing, downloading, or purchasing history; which VPN servers you use; bandwidth used; session information; connection timestamps; congestion.”
The FAQ states that the only data the company holds about you is your email address and billing information.
The page used to say that Surfshark collected some anonymous aggregate stats — performance information, system usage frequency, unsuccessful connections, crash reports — but those details have been removed.
We don’t know why, but that’s not just because Surfshark no longer records this data, because the Windows app’s settings box still contains the “Collect anonymous crash reports” option. The installer doesn’t ask for permission to enable this – it just turns it on by default – but if you’re not satisfied, and you notice the setting, you can turn it off with a single click.
Surfshark underwent a second Cure53 audit on its server infrastructure in 2021 (Image source: Surfshark)
Privacy policies are important, but we don’t think customers should take the VPN provider’s words based on trust. That’s why we’re pleased to see that Surfshark has put two areas of its services through an independent security audit.
In November 2018, German security company Cure53 [PDF] Put Surfshark Browser Extensions under a powerful security microscope. The company found only two small issues, concluding that it was “extremely pleased to see such a strong security posture on Surfshark VPN extensions.”
That was good news in 2018, but it’s less exciting years later, especially when I examined only such a limited area of service.
In May 2021, Surfshark went even further, reporting a second Cure53 audit of its servers.
This audit had a much broader scope: “a comprehensive examination and assessment of the security posture presented by the Surfshark server, VPN configuration, as well as related infrastructure.”
The auditors found only four general security-related issues, with a maximum severity of “medium”. If you’re not used to reading Cure53 audits, it’s not bad at all (they are exceptionally comprehensive and you always find something to do).
The report concluded that “the overall result should be considered good” and Surfshark had a clear understanding of the challenges posed by VPN security.
Surfshark could have taken the review a little further. You didn’t check your Surfshark no logs credentials, which seems like a missed opportunity. The company only published a summary of the report; We would much rather see the full version.
However, we’re happy to see Surfshark do this scrutiny, and the conclusions look good to us, but we hope to see more detailed reports in the future.
Surfshark’s Windows client will be easy to familiarize yourself with for those familiar with other VPNs (Image credit: Surfshark)
Getting started with Surfshark was easy. We downloaded and installed the Windows client, chose the registration option, and were even able to select a plan and deliver payment from within the installer, without the need for a third-party browser.
The Windows client interface is more versatile than most, adapting like a responsive website while resizing its window. At its smallest, the client is much like any other VPN app, with a connect button, status information, and a list of sites. But expand or enlarge the client window and reformat it to display the new panels and options.
Communication is easy. Click the button, desktop notifications will tell you when Surfshark connects and disconnects, and the interface is refreshed to display your new virtual location and IP address.
The site menu doesn’t show response times, but server load icons highlight your best (and worst) options, and the favorites system lets you manage commonly used servers.
The static IP list allows you to connect to sites in Germany, Japan, Singapore, UK and US, and receive a static IP address from each of them (ie your IP address will be from the country of your choice, but it will be the same every time you connect). This can be useful if you need to connect to an IP-restricted network while using a VPN, but keep in mind that any other Surfshark client can use the same IP address, so you’ll need an extra layer of authentication.
Right-clicking the Surfshark system tray icon displays a mini app window, instead of the usual basic text menu, allowing you to connect to the fastest server, choose one of the latest sites, or open the full app interface.
Surfshark also includes a MultiHop feature that sends your traffic through two VPN servers for added security (Image credit: Surfshark)
The MultiHop tab passes your traffic through two VPN servers, ensuring that even if the exit server is compromised, the attacker will not have your real IP address. There are 14 routes available, with the first server being your initial connection (options include the US, Canada, UK, Singapore, Germany, France, India, the Netherlands and Australia), the second being where you’ll appear outside the world (France, Germany, Hong Kong, India, the Netherlands, Portugal, Singapore, Sweden, United Kingdom, United States). The idea is that even if the exit server is compromised, the attacker will still only get an anonymous IP address.
The Whitelister panel lets you create whitelists of apps, websites, and IP addresses that bypass the VPN (an extended version of the split tunneling feature you’ll see with providers like ExpressVPN). If using Surfshark is jailbreaking a particular website or app, adding it to the whitelist should solve the problem.
Alternatively, you can set the whitelist to only route your chosen apps through the VPN. This may be more useful if you only use Surfshark for one or two tasks, for example torrenting: set up a torrent client to connect via VPN and everything else will use your usual connection.
This was not always what was expected of us. When we enabled the option to route certain apps through the VPN, for example, Surfshark demanded that the VPN protocol selection be turned to “auto”. This is the default setting and not many users are likely to care, but if you prefer to use a specific protocol, this can be a problem.
Once Surfshark was set up as required, though, Whitelister worked exactly as advertised, and it’s great to see the VPN provider offer this level of desktop split tunneling support. (Some VPNs have split-tunneling systems on Windows – ExpressVPN, Hotspot Shield, NordVPN, Private Internet Access, ProtonVPN – but most save the feature to their mobile apps.)
Surfshark’s CleanWeb feature blocks ads, trackers, and malicious links. We’re not sure how effective this will be, though, as in our quick tests we found specialized tools like uBlock Origin that blocked more ads and offered more control.
NoBorders mode aims to help you get online in countries where VPNs are commonly banned. Surfshark does not explain in detail what this does, but it is assumed that it is trying to confuse your traffic in some way.
More traditional features include options to run a VPN with Windows, or…