Encrypt.me is a long-standing US-based VPN service which has recently become a member of the J2 / StackPath group. As we shall see in this review, it offers a fairly basic service which is not suitable for those wanting high levels of privacy. That said,
- Simultaneous connections 100
- Countries 32
- Jurisdiction United States
- 15-day free trial no card required
- Unlimited simultaneous connections
- Unblocks BBC iPlayer
- No IP leaks in macOS
- IP leaks in Windows beta client
- No kill switches in any apps
- Keeps lots of logs for 16 days
Encrypt.me makes a distinction between “passes” and subscriptions, but other than the existence of a 1-week pass, the only difference is that payment for passes does not auto-renew, while with subscriptions it does.
An unusual feature of Encrypt.me’s pricing is that in addition to personal plans, it offers family and team plans (for up to very large groups).
Encrypt.me states that you can use “multiple devices at the same time if you like” on a single unlimited data account. It therefore seems that paying for a family or team account (presumably if the team is not too big!) is largely a matter of honesty on the customers’ part.
That said, at $12.99 per month for up to five family members, the family price is actually quite a bargain.
Encrypt.me also offers a Mini Plan for $2.99 per month, which has a 5GB data limit. All payments are via credit/debit card only and are processed by Stripe.
New users can take advantage of a 15-day free trial, which we are pleased to note does not require any credit card details. A valid email address is required to register, but there is nothing to prevent this being a disposable one.
- Apps available for iOS, Android, macOS, and Windows (beta)
- Unlimited simultaneous connections
- Servers in 32 countries (including “Africa,” which turns out to South Africa)
Torrenting is not permitted and P2P protocols are blocked. Notably missing on all platforms is any kind of kill switch.
When an unknown network is detected the VPN will auto-activate in order to protect your traffic. This feature is available
When you connect to an untrusted network this feature automatically restricts access to the internet until a VPN connection is established. This feature is only available in the desktop clients.
Does Encrypt.me unblock Netflix?
In tests US Netflix detected that we were using a VPN and blocked us. Connecting to a UK server did, however, allow us to watch BBC iPlayer.
Speed and Performance
In macOS we were pleased to discover no IP leaks whatsoever. In Windows, however, we detected regular DNS leaks and also IPv6 leaks via WebRTC. This should not be too surprising, however, given that the Windows client is clearly marked as being in the beta stage of development.
At this time we cannot test to IPv6 leaks on mobile platforms, but we detected no form of IPv4 leak in Android or iOS.
For more information on this subject please see our Complete Guide to IP Leak Protection.
Ease of Use
The website looks smart enough, but is rather short on hard information. And when information is available, it is often badly out of date – some article go back to 2011! We certainly hope that things have changed during the intervening years!
A blog expends a lot of digital ink explaining why VPNs should never be considered anything close to “anonymous.” While this is true in many ways, and pointing it out is somewhat laudable for a VPN service, it also sounds to us like Encrypt.me is keen to absolve itself of its responsibilities as a VPN provider.
No, a VPN should never be regarded as 100 precent secure, and it does not guarantee anonymity. But done well, a VPN can do a great deal to protect your privacy when online. As we see in the rest of this review, Encrypt.me has simply not taken many of steps required to do VPN privacy well (we are looking at you, connection logs and no kill switches).
The website features a number of FAQs, but these failed to answer any questions we had. The “live chat” feature is a purely automated affair, with human responses arriving by email a few hours later (all of which fell within Dallas office hours).
As we can see in the technical security section later in this review, the answers we received were far from satisfactory.
Signing up for an Encrypt.me account is very easy. To take advantage of the 15-day free trial, simply provide a valid email address and password and off you go. A confirmation email provides a link to the downloads page on the website.
Apps are available for macOS, iOS, and Android. A Windows (7+) app is also available, but this is in beta only, so Encrypt.me makes no promises about its stability or security. Which as we have seen, is just as well.
There is also a “Fire OS app”, although this is just the regular Android app made available through the Amazon App Store.
No setup guides or OpenVPN config files are available for manual setup on unsupported devices or with third party VPN clients.
The macOS client
The macOS client is a fairly simple affair, but it gets the job done just fine.
The mobile apps
Other than a Security App Lock feature in Android which secures the app with a password, the Android and iOS apps appear to be identical.
They both feature Auto-secure for WiFi networks, and work generally work well. Although neither app features a switch, more recent versions of Android now have a kill switch built-in to the OS itself.
The Window client (beta)
The Windows client is very similar to the macOS client and includes support for Auto-Secure and OverCloak.
Encrypt.me is based in Dallas, Texas, but is now owned by J2 Global, a US-based umbrella company which also officially owns seven other VPN brands. These include IPVanish and StrongVPN, SaferVPN and Perimeter 81. In addition to these, it provides white label services for a number of other VPN products.
The United Sates has no mandatory data retention laws, but the scale and scope of mass surveillance by the NSA and other government agencies, as exposed by Edward Snowden, means that it is prudent to assume that all tech services which offer privacy have been compromised in some way.
Encrypt.me keeps a full set of connection (metadata) logs for users of its VPN service.
- The number of bytes sent and received
- The length of time connected
- The IP address connected from and the (virtual) IP we assign
- The source port of the outgoing connection with start and end times
This is mitigated somewhat, however, as they are only kept for 16-days before they are deleted. This is not very long, but is probably enough time for a court order to be obtained if given sufficient priority.
The service also employs extensive website tracking, including the use of trackers from Google Analytics. Inside the apps analytics data is gathered by the third party Fabric.io and Google Firebase services, although it is possible to opt-out of this in-app.
Customers from or residing in the EU enjoy the usual privacy advantages laid out in the GDPR.
When we asked Encrypt.me to provide details about the encryption it uses in its various apps, support told us,
“We use standards like openvpn and Ikev2 we do not provide details on exact configurations at this time.”
Which is not exactly helpful. We are fairly certain that the macOS client uses OpenVPN, but more than that we do not know. When we can’t obtain such information from providers we assume that modern baseline default settings are used, which in the case of OpenVPN fall below our minimum recommendations.
For more information on this subject please check out our Ultimate Guide to VPN Encryption. We also asked support if Encrypt.me uses use single-occupancy bare metal VPN servers or virtual servers (software-based VPS instances on shared servers). Or a mix…
“Complicated question. The network is huge. Mainly our own servers but we do not rent out VPS from hosting providers and build that into the network, if that's what you're asking.”
Which, to be honest, leaves us none the wiser. As already noted, none of the apps feature any form of kill switch, so if the VPN connection fails then your IP address will be exposed to the internet.
As already noted, the Windows client is rather leaky. This is forgivable given its beta status, but since there is no way to manually configure Encrypt.me in Windows, the service is probably best avoided by mainly-Windows users.