2 User Reviews
Leave a Review - Step 1
Leave a Review - Step 2
Please tell us in more detail about this product
Leave a Review - Step 3Thanks for your review!
36 month$143.64 billed every 3 years
24 month$119.76 billed every 2 years
12 month$71.88 billed every year
HMA VPN has three subscription plans. The monthly plan is $11.99, which is about average for a single month VPN subscription of this kind.
That price reduces substantially when you commit for a year - to just $83.88 - or the equivalent of $6.99 per month. A two-year subscription costs $119.76 - which is the equivalent of $4.99 per month. And, since we last reviewed HMA, the firm has introduced an extended 36 month plan, which costs just $143.64 or the equivalent of $3.99 per month. These are competitive prices, but not the cheapest we have ever encountered.
HMA also recently introduced its family plan . This increases the simultaneous connections on offer to 10... more than enough for a family of three each using two devices.
All the subscription plans for HMA VPN come with the same features; only the price changes. What's more, all customers are given the opportunity to test the VPN thanks to its generous 30-day money-back guarantee. And, as if that wasn't generous enough, the VPN has a 7-day free trial that lets you test the VPN without providing any payment details at all. This is a very nice touch.
Please note, however, that users must not exceed 10Gb of download usage before they ask for a refund - or this will invalidate the money-back guarantee. In addition, you cannot get a refund if you pay via iTunes or Google Play. So, if you want the option to change your mind, please purchase the VPN directly from HMA. Many people have previously complained about not being able to get their money back, but it is always because of this fine print.
Auto-renewal of subscriptions is enabled by default, so if you don’t want to renew you will need to cancel your subscription in the member's area of its website. Finally, payments can be made via credit or debit card, PayPal, iDEAL, bank/wire transfer, UnionPay and SOFORT. However, HMA does not accept Bitcoin payments.
When it comes to streaming, this VPN is a service that is extremely competent. It can unblock a huge range of TV streams from around the globe, and it manages to unblock highly sought after services like BBC iPlayer and Netflix US. In fact, many consumers opt for this service specifically because it is so good for streaming.
HMA VPN Features
|Routers Supported||Asus routers, Tomato, DD-WRT,Vilfo|
|Bare metal or virtual servers||A combination|
Now that Version 5 of the HMA client is available to all subscribers, an HMA subscription comes with the following awesome features:
1000+ VPN servers in 280+ locations in 190+ countries. HMA has servers in unusual places like the Falkland Islands, Papua New Guinea, Malawi, Serbia, and many more. If unblocking content in unusual places is important to you; this service is a great option.
Super fast 20Gbps servers (already rolled out across a quarter of its network).
IP refresh tool lets you get a new IP address in the same location (if the IP address you are using is suddenly blocked by a service).
Five simultaneous connections.
Supports OpenVPN, Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) VPN protocols.
Kill switch (Mac, Windows and Android).
New smart kill switch for Windows lets you auto-launch the VPN (with the kill switch enabled) when you launch specified programs.
Split tunneling. Lets you decide what data is sent down the VPN tunnel and which programmes keeps your local IP address instead.
Speed test feature lets you check how HMA servers are performing.
24/7 live chat support.
30-day money-back guarantee (as long as you don’t download over 10 Gb of data during the 30-day period and buy the VPN directly from the HMA website).
No logs policy.
Free HMA proxy service with servers in the US, Germany, the Netherlands, the UK and the Czech Republic. Excellent free proxy service encrypts the URLs that get stored in your history (in case you forget to use private browsing mode), turns off cookies, and removes scripts.
Speed and Performance
At ProPrivacy.com, we test VPN speeds using a scientific server-based system. Our proprietary system tests VPNs three times a day using the OpenVPN protocol (for fairness across all providers). We test a UK server for local max (burst) speeds. And a Hong Kong, US, UK, and Australian server for averages. In the image below, you can see how HMA's connection speeds averaged over a four-month period stretching from November 2019 to February 2020.
During our tests, we discovered average download speeds of 58 Mbps and burst speed results of 594 Mbps. These are outstanding connection speed results - that have improved since we last reviewed the VPN. These speed test results are stable, which means that this VPN is capable of unblocking HD streams without issues. Thus, we can recommend HMA VPN for data intensive tasks like streaming, gaming, and videoconferencing.
As you can see from the image above, there are faster VPNs on the market. However, HMA compares extremely well to some of the best VPNs on the market, meaning that this is in the top percentile of commercial VPNs. In fact, the burst speeds we recorded are exceptional, and are almost identical to the very fastest VPNs in the world.
IP leaks, WebRTC leaks, and DNS leaks
|WebRTC leak detected?|
|IPv4 leak detected?|
|ProPrivacy.com SpeedTest (max/burst)||177.87|
|ProPrivacy.com SpeedTest (average)||63.26|
We tested the VPN thoroughly for IP leaks and DNS leaks using our industry standard VPN leak testing tool. We tested the Windows client and discovered no IPv4 leaks, IPV6 leaks, WebRTC leaks, or DNS leaks. This is excellent and means that the VPN is 100% working as it should. It is also worth noting that this means DNS leak protection is built into the clients by default - which is great.
Below you can see that the VPN only registered one IP address in Austria. We also only detected a single IP address, also in Austria. This demonstrates that the VPN is successfully proxying DNS requests via its own servers. These are ideal results. Also worth noting, the IPv6 test was not reachable because the client was blocking IPv6 connections. Again, this shows that the VPN is working as it should.
Finally, we are happy to report that HMA VPN no longer suffers from WebRTC leaks on either Mac or Windows. This is excellent and means that the VPN is now completely clear of leaks.
Privacy and Security
IPv6 leak protection
WebRTC leak protection
HMA was acquired in 2015 by the Czech company Avast Software. However, it is still managed and run in the UK. Being based in the UK is enough to put some people off this VPN. The UK is a location where government intelligence is massively overreaching, and where the authorities are able to issue warrants and gag orders that force firms to hand over the data they have on their servers in secrecy. This makes the UK far from an ideal location for a privacy service to be based.
The UK's surveillance habits are only problematic if a VPN stores logs, but HMA has now completely stopped storing any logs whatsoever. While it is true that HMA did used to keep some connection logs for 30 days, this is no longer true. This is what HMA told us about its new policy:
"HMA will not log any identifiable user activity defined as follows:
- Original IP addresses, which could be used to identify the user.
- No DNS query data, which would let us see what sites users visited when browsing (and probably help us identify them).
- Any online activity, which includes sites logged into, services interacted with, apps running, and streams being watched… basically anything done online."
This is good news, and means that users of HMA can be assured that there are no logs stored on file that could potentially be used to identify them and track what they did online while connected to the service.
Finally, it is worth noting that there have been incidents when HMA has handed over logs to the police. In 2011, HMA handed over internet records and personal details about Cody Kretsinger to the cops. Kretsinger was a LulzSec member accused of hacking Sony Pictures; he was imprisoned on hacking charges (in part proven with the help of HMA). In 2017 a judge from Galveston County, Texas was arrested for harassing his ex-girlfriend. He was an HMA user whose IP address was uncovered using connection timestamps.
These kinds of incidents should now be squarely in this providers' past, because the VPN should have no valuable data to provide to the authorities even if it is served a warrant.
The HMA website claims that it implements its encryption as follows:
“OpenVPN is using OpenSSL with algorithms 3DES, AES 256, RC5, 256-bit encryption for the control channel (e.g. password, authentication, etc.).”
That is extremely vague. After some digging, however, I was able to figure out that HMA implements its encryption as follows:
Data channel: a AES-256-CGM with 4096-bit RSA keys for handshakes, and SHA256 for authentication.
Control channel: an AES-256 cipher with RSA-2048 handshake encryption and SHA-1 hash authentication. Perfect Forward Secrecy is provided courtesy of a Diffie-Hellman key exchange.
Any subscriber using the very latest version of HMA will get these encryption standards, and will find that the encryption is robust on both channels. This means that anybody using HMA is secure against anybody attempting to hack their data. For more information on VPN encryption please read our VPN Encryption: Complete Guide.
Finally, it is worth noting that HMA told us that those standards may revert back to AES 128 CBC with a SHA 1 auth for 'Legacy Users.' This is a slightly confusing statement, and we aren't clear in which circumstances that may occur. However, we would presume that anybody using an up to date machine and the latest client will connect using the standards mentioned above.
Money-back guarantee length
HMA has excellent options when it comes to customer support. Live chat is available on its website 24/7 and its agents are both helpful and knowledgeable. The agents responded almost immediately, and we found them to be extremely polite. All in all, we found the service outstanding for getting fast responses about unblocking content and installation help.
Admittedly, some of the more techy questions had to be elevated to a more senior tech member of staff. This was done by the customer support agent who told me we would receive a response via email. That email did come to our inbox with the desired information, which is great.
In addition, the website has a community where you can ask fellow users questions about the service; a Blog where you can see useful articles about VPNs, privacy, and using VPNs to access content from around the world. And a knowledge base full of FAQs and guides that will help you to resolve the majority of setup and troubleshooting issues you are likely to experience.
We found these resources to be truly outstanding, and they act as a fantastic counterpart to the live chat support.
The Windows Client
The Windows VPN app is a fully-featured client that is easy to use. It comes with a kill switch to stop you leaking data to your ISP - should the VPN connection happen to drop out. This means you will be able to use HMA for torrenting securely.
On the other hand, HMA specifically told us that "we do not support the use of Torrent to share copyrighted material illegally. If you use our VPN service for such activity, you will probably cause us to receive DMCA notices from the copyright holders, who monitor Torrent trackers." This is usually an unspoken sentiment shared by many providers that allow for torrenting and shouldn't worry you, but there are always other options if this has you rattled.
On a more positive note, the Windows client comes with a lot of excellent features such as auto-connect, IP shuffle for automatically gaining a new IP address in the same location (useful if an IP address becomes blocked by a specific service), and lightning connect (to connect to the fastest server available to you). Unfortunately, split tunnelling is not yet available in the Windows client.
Users get a choice of OpenVPN or L2TP/IPsec encryption. And the OpenVPN encryption is implemented securely. Also good news; this VPN is fast and unblocks a lot of content from around the world. As a result, consumers looking for privacy from their ISP, unblocking capabilities, and WiFi protection - will find this VPN to be ideally suited to the task.
On the other hand, it is worth considering whether you are happy paying for HMA - when you can pay a similar price for a VPN that offers tighter security and better logging practices. At the end of the day, this depends on your personal requirements, and if you need a server in one of the more exotic locations that HMA has - this VPN may be extremely interesting!
The Mac client
It also now has the IP shuffle feature, which randomly changes your IP address at user defined intervals. This adds an extra layer of privacy and makes it harder to track HMA users. In addition, Mac users get:
- An app Kill Switch
- Lightning connect
- Speed Test
- Auto Connect
On the whole, the Mac OS X app is easy to use, and we found it to work without crashing. Having a large choice of server locations is useful, and, because this VPN is good for unblocking Netflix and iPlayer; it could be a worthy choice for people who like to stream.
OpenVPN encryption is available, however, it is worth noting that it is not implemented as strongly as it is with many competing VPNs on the market.
The mobile apps (iOS and Android)
If you are looking for a secure VPN for Android or iOS, the HMA clients are pretty good. The VPN has DNS leak protection built into its clients, and the Android mobile VPN app has a kill switch. Unfortunately the iOS app does not yet have the kill switch.
On Android, subscribers get OpenVPN encryption. On iOS users must settle for L2TP/IPsec. Having a large choice of servers is useful, and for those who aren't particularly paranoid about the minimal logging practices - this VPN is probably a good option ( for example it unblocks Netflix US and iPlayer).
If your primary reason for wanting a VPN for a mobile device is to protect your data on public WiFi - this VPN will do the job fine on either Android or iOS - and it will successfully stop hackers from being able to sniff your data.
If you are looking for a VPN with a completely watertight logging policy, you may want to look elsewhere. Being based in the UK is not ideal, and because this VPN stores connection logs (timestamps and bandwidth used) next to an (albeit slightly anonymized) IP address - this VPN may not be suitable for everybody.
The good news, is that on Mac, Windows, and Android this VPN has a kill switch. It also has DNS leak protection built into all of its clients, and it does not suffer from any concerning leaks from our experience. The kill switch is reactive and it is not system level, which means that if the VPN crashes you will leak data to your ISP. However, the VPN did not crash during our tests, so it should perform fine.
Although HMA permits torrenting, it does ask users never to indulge in illegal downloading while using its service. Thus, if you are primarily looking for a VPN for torrenting we would recommend looking elsewhere.
So, why get HMA? HMA is a service that is not expensive, and if you specifically require a server in a more exotic/rare location (that isn’t covered by other VPN providers) this VPN is a good option. It is also true that this VPN can protect you on public WiFi without issues.
Assuming you aren't someone who requires extremely high levels of privacy, the level of service provided by HMA is likely to be more than enough. We are also happy to report that since the last time we tested the VPN, it no longer suffers from WebRTC leaks that must be manually plugged using an extension.
Speed test results were excellent, which means that this VPN is ideally suited for doing data-intensive tasks like streaming in HD or gaming. Also, don’t forget that this is one of the few VPNs that can unblock BBC iPlayer and Netflix US. A VPN that provides excellent value for money and that is suited to 99% of people’s needs.