A virtual private network, or VPN, shields your web traffic from the prying eyes of your ISP, making it harder for spies and advertisers to track you online.
Hotspot Shield VPN has a handsome app and an array of security services that go far beyond VPN protection.
It also boasts an impressive collection of servers around the globe, giving you many options for spoofing your location.
The core VPN product is expensive, however, and its privacy policies are transparent but hurt by a few tradeoffs.
While other VPNs have worked to make clear and concise arguments about how they protect their customers, Hotspot Shield continues to be a complicated story.
How Much Does Hotspot Shield Cost?
Hotspot Shield is one of the few VPN services that offers a free subscription tier.
That comes with limitations, however.
The free Basic subscription of Hotspot Shield restricts you to only US VPN servers, one simultaneous connection, and 500MB of bandwidth per day.
That's generous, compared to TunnelBear's free version, which limits users to 500MB per month.
Editors' Choice winner ProtonVPN, meanwhile, places no limit on the amount of data free users can consume.
The generosity ends there, though.
Hotspot Shield takes the unusual measure of throttling free accounts to just 2Mbps.
That's extremely slow, even for mobile devices.
Hotspot Shield also monetizes its free version on Android.
See below for more on the privacy implications of this practice.
The Premium subscription offers five simultaneous connections, provides full access to Hotspot Shield's servers, and has no data limit.
It costs $12.99 per month and is the tier I used in testing.
The highest tier, called Premium Family, increases the number of simultaneous connections to 25 across five member accounts and costs $19.99 per month.
At $12.99 per month, Hotspot Shield is significantly more expensive than the $10.05 per month average from among VPNs we have tested.
You can also opt for a one-year subscription.
The Premium subscription costs $95.88 per year and the Premium Family subscription costs $143.88 per year.
Again, that's pretty hefty compared to an average of about $71.93 among the services we've tested.
We advise readers to avoid long-term subscriptions—at least at first.
You won't know whether a VPN will work for you until after you try it.
So, grab the short-term deal or free version and then upgrade if the service works well for you.
Other standalone VPNs come in significantly less costly than Hotspot Shield.
Mullvad, an Editors’ Choice winner, costs a mere €5 ($5.55 USD at the time of writing) per month, and a limited ProtonVPN account can be had for just $5 per month.
You can pay for a Hotspot Shield subscription by using a major credit card or PayPal.
Other services offer more privacy-friendly options.
ProtonVPN, Mullvad, and Editors' Choice winner IVPN accept cash mailed to their corporate HQs.
Cryptocurrency support is also fairly common among VPNs, but it's not an option with Hotspot Shield.
As with nearly every VPN service we've reviewed, Hotspot Shield lets you use P2P file sharing and BitTorrent on its network.
It also includes a split-tunneling feature, which lets you designate what traffic flows through the tunnel and what can travel in the clear—handy for streaming video or using a bank that frequently blocks VPN traffic.
As noted, a Premium subscription with Hotspot Shield lets you use five devices simultaneously, which is average for the VPNs we've tested.
That seems to be changing, however.
Several competitors now offer more, and some have ditched this limitation altogether.
Avira Phantom VPN, Encrypt.me VPN, Ghostery Midnight, Surfshark VPN, and Windscribe VPN all place no limit on the number of simultaneous connections.
(Editors' Note: Encrypt.me is owned by J2 Global, the parent company of Ziff Davis, the publisher of Daxdi.com.)
Hotspot Shield doesn't provide access to the Tor anonymization network.
That's okay, since you don't need a VPN to access this free anonymization network.
Hotspot Shield also doesn't include multihop connections, which route your traffic through a second server for enhanced security.
Both Editors' Choice winner NordVPN and ProtonVPN offer these rare—if also rarely needed—features.
It's important to know what a VPN can and can't do, however.
To really disguise yourself online, you should route your traffic through the labyrinthine Tor network.
You should also protect your machine with standalone antivirus, protect your accounts by activating two-factor authentication wherever it's available, and use a password manager to create unique, complex passwords for every site and service.
The Allure of Aura
With a paid Hotspot Shield VPN subscription you get free subscriptions for 1Password password manager, Robo Shield call blocker, and Identity Guard identity theft protection service.
Recently, Hotspot Shield's parent company also launched an antivirus product as an optional add-on purchase for $5.99 per month or $39.99 per year.
These additional services are offered by Aura, which absorbed Hotspot Shield in July 2020.
While the previous branding, called Pango, has disappeared, the services appear to remain the same.
A representative assured me that customers will not be charged extra for these services, and that they will remain available for as long customers maintain a Hotspot Shield account.
This review focuses on Hotspot Shield as a standalone product, but it's impossible to ignore this sizable bundle.
It's certainly a lot for your dollar, and nearly puts Hotspot Shield in the same category as a security suite that includes a VPN, or a more privacy-focused tool like Ghostery Midnight.
Some other VPNs offer additional services.
ProtonVPN is the sibling of ProtonMail and a host of privacy-focused tools.
Editors' Choice winner TunnelBear offers a password manager, as does NordVPN, which also throws in an encrypted file locker.
The difference is that most of these add cost to the VPN subscription, while everything you get with Hotspot Shield is included.
Hotspot Shield's VPN Protocols
For years, we considered OpenVPN the best option for creating an encrypted VPN connection.
A new player, WireGuard, uses newer encryption technology and seems to offer better speeds.
It hasn't seen widespread adoption yet, and Hotspot Shield supports it only on Linux.
That's alright for now, but WireGuard is poised to become an industry standard.
Hotspot Shield created its own protocol, called Catapult Hydra, and, until recently, used it exclusively to power Hotspot Shield.
To be clear, the company didn't create a new encryption protocol.
A new encryption protocol would require an enormous amount of scrutiny since an undiscovered flaw could be used to break it.
A company representative explained that Catapult Hydra uses the Open SSL library to encrypt the data and that the new protocol is simply "an enhancement of the transport protocol." The company had also previously told me that Hydra creates multiple channels for data to travel to increase speed and reliability.
IKEv2, a secure and modern option, is available on Windows and iOS.
OpenVPN, the open-source protocol which I prefer, is available only on routers.
Notably, Hotspot Shield took the title of fastest VPN in 2020, and while it didn't manage a repeat performance in 2021 (see below) it held its own against other services equipped with WireGuard.
Servers and Server Locations
Hotspot Shield says it provides servers in "80+" countries.
That's a strong selection, and not far behind the 94 countries served by ExpressVPN.
Servers in more places gives you more options for spoofing your location, and it means there's likely to be a server near your location.
Especially notable is the variety of locations served by Hotspot Shield.
It has servers in four African countries and servers across South America, two regions frequently ignored by VPN companies.
Hotspot Shield also provides servers in regions with repressive internet policies, such as China, Russia, Turkey, and Vietnam.
Hotspot Shield has a respectable 1,800-some servers available.
CyberGhost has the biggest fleet we've seen, with over 6,800.
Having more servers doesn't necessarily mean better service, but it does generally mean you have more options to find something that works.
Many VPN services use virtual servers, which are software-defined servers.
A single machine could play host to several virtual servers.
Similarly, a virtual location is a server that's configured to appear somewhere other than where it physically resides.
Neither is inherently problematic, but we prefer that companies be clear about their infrastructure and where it is located.
If your data passes through a given country, you might be subject to that country's laws or surveillance regimes.
Hotspot Shield tells me that it relies only on hardware servers.
That said, it was more vague on virtual locations, saying only that 90% of its fleet was physically located where it appeared to be.
The company needs to be more transparent about these practices, especially in its app.
In contrast, Mullvad VPN lets you know exactly where the server is, whether it's owned or rented, and what company physically possesses the server.
An Aura representative confirmed for me that Hotspot Shield shares server infrastructure with five other VPN companies owned by Aura.
They are: Betternet, Hexatech, TouchVPN, VPN360, and VPN in Touch.
Hotspot Shield VPN has been white-labeled in the past, so it's not surprising to see that it's sharing space with sibling companies.
The company takes measures to secure its infrastructure but does not own all its servers, which is not unusual.
Some VPN companies, such as ExpressVPN, have migrated to RAM-only servers to prevent tampering.
Hotspot Shield says it has other security mitigations in place.
Your Privacy With Hotspot Shield
If it were malicious, a VPN could see everything you do online.
That's why it's important to understand what efforts a company makes to protect your privacy.
Remember that security is built on trust.
If you do not feel that you can personally trust a VPN company, you should switch to one you do.
There are plenty to choose from.
Hotspot Shield VPN is owned and operated by Pango Inc.
dba Aura, which is incorporated in the US state of Delaware.
The company says it has a "distributed workforce" in the US and Ukraine.
The parent company for Aura is WC SACD Holdings Inc.
Some companies tout their offshore HQs as a check against requests for information by governments and law enforcement, but Aura does not.
Many VPN companies release third-party audits of their products to establish security and privacy bona fides.
Hotspot Shield VPN has yet to release the results of an audit.
TunnelBear, on the other hand, has delivered annual audits for several years.
Hotspot Shield company issued a lengthy and detailed transparency report for 2016 through 2018, which indicates it has never released user information despite numerous requests.
However, this report is not easy to find—here's a PDF link to it—and the company should commit to releasing updated reports annually.
Two documents cover your privacy with Hotspot Shield.
The first is a broader policy related more to Aura's overall operation.
The second is focused solely on VPN products.
I looked at both documents.
There's been some effort to bridge the gaps between the two, with the former calling out specific differences with the latter.
To its credit, the company is transparent in all of its documents.
I absolutely understand what the company says it’s doing and why, even if I don't always agree with it.
The company says that it does not store any information on users' browsing activity.
The company does gather your IP address to match you to the best VPN server, but that information is encrypted during use and deleted at the end of your VPN session.
The company says it does not have the ability to connect activity at a given server with a specific person using that server.
This is a better practice than some other VPNs.
The company does log session duration and the amount of data used, to enforce its policies.
It also stores device hashes (that is, theoretically anonymous identifiers), but the company says these are not linked to user activity.
The company says that it must collect this information because it does not require users to create an account to use the product.
Other companies can provide services without these practices.
Company representatives explained to me that Hotspot Shield also logs the domains—but not complete URLs—of sites accessed by each VPN server, with a timestamp.
This is also outlined in the privacy documentation.
The company tells me there is no way to connect this information to individual users, and that this is done to improve service.
Some competitors have similar practices, but I'd like to see Hotspot Shield find creative ways to further protect user data.
A Thorny Question of Free Privacy
It's always difficult to ascertain whether a VPN is acting in its customers' best interests, but even more so with Hotspot Shield, because it chooses to monetize its free subscription in a way that other companies we've reviewed simply do not.
Hotspot Shield deserves credit for its efforts at transparency, but the consequences of the company's decision to profit from its free users mean that its efforts toward privacy will always come with an asterisk.
In all of my conversations with the company over many years, representatives have stressed that they feel a moral obligation to provide a free VPN product to help people living under oppressive regimes.
But they also insist that they must pay for it with ads on the Android version of its app.
This is done with ad network SDKs and Google Ads, both of which gather user information to target advertisements.
I should stress that this is only an issue for the free Android version of the app; these privacy concerns do not apply if you purchase a subscription or use the free subscription on a different platform.
You could argue that targeted advertising in the free Hotspot Shield Android app is no worse than any other ad-supported app, or even browsing most websites, and that the cost in privacy is weighed fairly against free VPN protection for everyone.
Yet ProtonVPN and TunnelBear both also offer free subscription tiers but do not monetize their users.
A VPN is intended to improve your privacy, and we believe it must be held to a higher...
