VPN software caution

By Lorenz Rychner
This item appears on page 46 of the February 2017 issue.

In the letter titled “VPN-location reminder” (Dec. ’16, pg. 12), Jim Royle makes a good point when he advises readers to each tell their bank and credit-card providers where they’re going so that their transactions, communications and log-in attempts from abroad won’t be refused by their bank’s security apparatus due to “unusual activity.”

He goes on to say that those of us who use a VPN (virtual personal network), which provides Internet access through a proxy server to protect personal identity, must also share the (fictitious) location that the VPN provides. (The user’s actual IP address is replaced by a VPN provider location, so a resident of, say, Los Angeles, California, may send an email or log into his account from Rome but appear to be living in Buenos Aires.)

But there’s a wrinkle worth noting: 

If, as Mr. Royle suggests, you want to give your bank the information about the location associated with your VPN, you need to ascertain that your VPN provider uses that given location every time you log in, no matter where you are.

Your VPN software may have the feature of switching the “spoofed” location (for added security) in one of two ways, as described in the following excerpt from VPN4ALL’s website (www.vpn4all.com):

The “Forced IP Change” in the Options Menu allows you to… change the new IP address assigned to you by our system instantly — with one click.

The “Auto IP Change” option allows you to get a new local IP address in a location of your choice every few minutes. The timed, automated IP change is based on a time interval set by you in the Options Menu of your VPN4ALL VPN Software.

If either of these features is activated, your bank will get emails from you that look like they come from a different corner of the world each time, not from the location YOU gave them.

LORENZ RYCHNER

Denver, CO