ExpressVPN privacy and server technology gets the OK from two new independent audits

The auditors examined the solution’s processes, systems, and controls

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

ExpressVPNsays its privacy policy and core server technology have been validated in two new independent audits from KPMG and Cure53.

The independent auditors from KPMG performed testing on ExpressVPN’s controls framework and interviewed its team members in order to check on the processes, systems, and controls to ensure itsVPNservers were in compliance with its privacy policy.

The audit, which was conducted under the International Standard on Assurance Engagements (ISAE) (UK) 3000 Type 1, included testing ExpressVPN’s policy of not collecting activity logs or connection logs, and that TrustedServer technology operates as it describes.

What else did the auditors find?

Separately, cybersecurity firm Cure53 conducted a source code audit and white-box security assessment of TrustedServer.

ExpressVPN claims the findings were positive and highlighted TrustedServer’s strong security posture, however, auditors did find some: “mostly general weaknesses and minor flaws were spotted.".

“Further, most of them can be evaluated as trivial to fix and resolve”.

Cure53’s auditors elaborated: “It can be positively acknowledged as well that none of the four actually identified vulnerabilities was ranked with a High or Critical severity score, showcasing an already quite robust environment exposed by the ExpressVPN TrustedServer components.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

If you are interested in checking the results of the audit in full, you can check out the report by KPMGhereand read the full audit report by Cure53here.

“Regular third-party audits that validate our controls and the results of our internal team’s work, along with other security efforts like our bug bounty program, give us even more confidence that we are protecting our users well,” says Aaron Engel, Head of Cybersecurity, ExpressVPN.

Proton VPN rolls out obfuscated VPN protocol to evade censorship

Kaspersky rolls out major upgrade on its VPN service

Our guide to the best privacy tools

The news comes as VPN technology continues to play a key role in conflict zones around the world.

VPN use reportedly skyrocketed in Cuba followingauthorities disrupting internet accessas part of efforts to crack down on political protesters.

If you’re interested in testing out ExpressVPN’s claims yourself, the company’s$100,000 bug bounty for spotting vulnerabilities TrustedServeris still up for grabs.

Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.

3 reasons why PIA fell in our best VPN rankings

Is it still worth using Proton VPN Free?

‘That was never the plan’: Arcane creators dismiss claims that the hit Netflix show was going to run for five seasons