PureVPN
Safe Zone

We check each attempt to login to the PureVPN system – hardware and software. Every IP address that can access our servers must be on our pre-approved list.

Our server access is managed and reviewed in a central place. Once an access request is safe, server access is only granted with a time limit and a one-time password (OTP).

The place where we store PureVPN’s source code is also protected by a Multi-Factor Authentication (MFA) process.

Before we launch updates, fixes, or improvements for PureVPN; multiple teams sign off on the code before the final stage. We also integrated a secure scanning tool that tells us if we missed something or made a mistake.

Then, we bring in a qualified outside team to test our security and validate our code.

We want to make sure there is no leakage from the PureVPN tunnel. That’s part of what keeps our customers safe and private.

That’s why we developed open-source tools to test for any leakages. You can download or use these tools at any time on our website:

• WebRTC Leak Test
• IPv6 Leak Test
• What’s my IP?

Inside the PureVPN system are firewall rules, memory protection, specific user roles, and so many more restrictions that make sure our system runs like it’s supposed to.

Every week, we give PureVPN a complete scan for any threats.

We also have an internal system that tells us if any vulnerabilities appear outside of those routine scans.

Our PureVPN security team members are all notified if something goes wrong. This makes sure potential problems are solved in the fastest possible time frame.

We randomly schedule policy compliance scans to make sure we are doing everything we can to stay completely secure.

Inside our structure and digital assets, we’ve housed a prevention system that is always on.

Should there be any malicious events, this system detects them and removes them.

We also route every visit to PureVPN through a firewall to prevent attacks like DDoS.

At PureVPN, we encourage our developers and engineers to try their absolute best to get through our security systems.

After that, we bring in other companies and ask them to try getting through.

We do this to make sure that even the people who code our software have a hard time trying to break through it.

When we release new updates, apps, or internal technology; it’s done by a machine with special access.

This is because we enforce a strict baseline for our security procedures at PureVPN, based on the best of international standards.

All of our firewalls reject traffic unless we instruct them to do otherwise, through a series of authorizations.

We use dedicated workstations to complete certain tasks, making sure they only have access to do those specific things.

Monitoring software also makes sure we stay compliant with our security rules, and maintain the integrity of any important PureVPN files.

PureVPN exists in many different places. For example: if someone is logged onto this website, they cannot access our internal databases.

We carefully craft interaction between all of our API gateways, so only the required information goes where it needs to.

We encrypt and prevent the export of any consumer data from PureVPN.

At each end of our software, we place security controls to limit and stop the spread of malware. We even go so far as to block access to websites that have malicious code embedded in them.

An automated software patches PureVPN systems with updates and encryption. We also use software that monitors the hosts of our systems and keeps us updated on their status, or unusual events.

From the moment employees or contractors sign on, we are part of the PureVPN security awareness program.

We make sure everyone understands how to do their part in keeping PureVPN secure.

Each person on our global, international team only has relevant security clearance.

All of our vendors and partners are also double-checked for third-party security compliance.

No one can access PureVPN without permission.

We’ve built strict controls into powerful technology to ensure that we contain specific activities to the right place.

Anyone who logs on to PureVPN servers or the internal system is on a time limit.

This gives us the confidence to offer you the world’s best in cybersecurity through PureVPN.

Outside contractors from KPMG certified us as a “no-log” VPN Service Provider.

They randomly check in with us to make sure we are not logging any VPN data from our customers.

What does “no-log” mean for you?

It means we do not store any of the data you make when you use PureVPN.
We can’t see what you do online or link back to you at all.
To find out more about how KPMG evaluates PureVPN, you can read this article:
PureVPN Excels KPMG’s Always-On Audit Setting an Industry Benchmark

When you get customer support, our Customer Success Agents can only access your account by using a pre-approved IP address, and verifying their identity through Multi-Factor Authentication (MFA).
We use a third-party payments provider to process your subscription to PureVPN, so we can’t see any of your credit card details or payment information.

In 2021, we moved the legal jurisdiction of PureVPN to the British Virgin Islands.

Because of this, we are not legally required to store any kind of data.

To find out more about why we moved our headquarters, you can read this article:

PureVPN Moves From Hong Kong To British Virgin Islands

The GDPR (General Data Protection Regulation) is a set of rules that require all businesses to protect the personal data of the people who use their online services and resources.

We are required by law to follow these rules, which include asking your consent to share any of your PureVPN customer data with third parties.

If we don’t, we could get into serious trouble.
These rules began in 2018, and we have made sure that PureVPN follows them since they came into effect.

To learn more about our privacy policy, you can see it here: Pure VPN Privacy Policy

These keys are called “Quantum-Resistant Encryption Keys”.

They protect you while you’re using PureVPN because they help prevent cyber threats, like someone getting your password through a Brute Force attack.

Right now this extra (not necessary, but future-thinking) layer of PureVPN protection is only available for you if you are in one of these areas:

• Australia
• Canada
• Netherlands
• UK
• USA

We are working on getting this feature to you, no matter where you use PureVPN.