TunnelBear is a free and paid VPN aimed at beginners. It has an acceptable logging policy and good security features. Its server network is small and it doesn't work with Netflix, though. TunnelBear is essentially only good for private browsing and securing public WiFi connections.
Overall Rating: 7.4/10
TunnelBear is a popular VPN service owned by McAfee. In this TunnelBear review, you’ll realize from our test findings that the VPN does some things well, and some not.
There is both a free and paid service available. Both versions use secure AES-256 encryption, allow unrestricted torrenting, have a privacy-friendly logging policy and well-designed applications for Windows, macOS, iOS, and Android.
The free version of TunnelBear comes with a monthly data cap of 500MB. This is enough for new users to trial the software, but it’s far too restrictive for regular web browsing.
Both versions of the VPN service use OpenVPN and IKEv2, two of the most secure VPN protocols. TunnelBear’s apps also include key security features like a VPN kill switch and obfuscation tools.
Three independent security audits provide additional reassurance around the VPN service’s security.
Sadly, there are only 23 VPN server locations to choose from. The VPN also fails to work with Netflix or BBC iPlayer.
TunnelBear also has compatibility issues. There is no Fire TV Stick app, and you can’t even install the VPN on a router. Moreover, the mobile apps lack certain essential features.
Overall, TunnelBear isn’t the best nor the cheapest VPN. But, it’s a simple service for masking your IP address and securing your internet connection on public WiFi.
TunnelBear VPN Pros & Cons
TunnelBear VPN Key Data
|Data Cap||Speed||Logging Policy||Data Leaks||Jurisdiction||Servers||IP Addresses||Countries||US Netflix||Torrenting||Works in China||Support||Cheapest Price||Official Website|
|Anonymous Server Usage Data||Anonymous Server Usage Data|
|Canada (Five-Eyes Member)||Canada (Five-Eyes Member)|
|Not disclosed||Not disclosed|
|Not disclosed||Not disclosed|
|Email & Online Resources Only||Email & Online Resources Only|
|$3.33/mo over 3 years||N/A|
TunnelBear VPN Category Ratings
We test and review every VPN in eight key areas. Here’s how TunnelBear performs in each category:
- Privacy & Logging Policy: 9.5/10
- Encryption & Security: 7.4/10
- Speed & Reliability: 8.7/10
- Streaming & Torrenting: 4.0/10
- Bypassing Censorship: 8.5/10
- Ease of Use: 7.8/10
- Customer Support: 7.4/10
- Price & Value for Money: 7.0/10
Learn more about our methodology by reading our VPN testing process.
A Safe VPN Despite Its Problematic Jurisdiction
Logging & Jurisdiction
Privacy & Logging Policy Rating: 9.5/10
TunnelBear does not log information that can lead back to your online activity.
Its logging policy is simple, privacy-friendly, and transparent, listing all the data collected alongside reasons for doing so.
- Bandwidth usage
- OS version (e.g. iOS 7)
- App version (e.g. Windows version 2.1.1)
- Whether or not you have used the VPN in a given month
Close to Being No-logs
Crucially, TunnelBear doesn’t keep browsing history records, DNS requests, originating IP address, or connection timestamps. In other words, the service is very close to being completely no-logs.
Here’s a full breakdown of the account data the company collects:
And here’s a table outlining all the operational data TunnelBear collects:
The only personally identifiable information TunnelBear logs is your email address, to prove you have an account. There are no logs that reveal which websites you’ve visited or when you’ve used the VPN.
TunnelBear’s Transparency Reports
The company also issues an annual transparency report detailing any government requests for user data.
Worringly, TunnelBear admits to confirming a user’s email address to authorities, although no usage information has ever been handed over.
No Server Breaches or Logging Scandals
There have been no known incidents of server breaches or logging scandals associated with TunnelBear, either.
TunnelBear is Based in Canada
TunnelBear was founded in 2011 in Canada by Daniel Kaldor and Ryan Dochuk. It was subsequently acquired by antivirus software company McAfee in early 2018.
The VPN company still operates a separate team within McAfee, meaning the same employees continue to work on the VPN post-acquisition.
“Use your information according to Canada’s laws, regardless of which country you are located in.”
Subject to Canada and US Data Laws
While TunnelBear’s headquarters are in Toronto, its new ownership means that it’s also subject to US data laws.
Both the US and Canada form an integral part of the Five-Eyes data-sharing alliance, an organization designed for the world’s most powerful nations to collect and share surveillance intelligence.
Moreover, both jurisdictions are known to prosecute for minor copyright violations, which is important information if you want to use a VPN for torrenting.
While TunnelBear can be subpoenaed by Canadian and US authorities, its robust logging policy and regular transparency reports prove it’s still a trustworthy and private VPN.
TunnelBear’s Security Audits
To prove its commitment to transparency and user safety, TunnelBear has undergone several independent security audits.
In January 2017, Byte 255 looked into TunnelBear’s code and published the results on Hacker Noon. The article concluded the VPN has no privacy flaws and doesn’t collect any unnecessary telemetry data.
TunnelBear also commissioned cybersecurity company Cure53 to carry out three yearly independent security audits since 2017. These audits looked into TunnelBear’s apps, code, and infrastructure.
Cure53 discovered 12 vulnerabilities of varying severity, and helped TunnelBear fix them and future-proof them. The audit concluded that TunnelBear is “a clear frontrunner among its VPN competitors when it comes to security.”
How Fast is TunnelBear?
Speed & Reliability
Speed & Reliability Rating: 8.7/10
TunnelBear has been slow in the past, but our most recent speed tests showed promising improvements. On local connections it was even faster than top VPNs like ExpressVPN, IPVanish and Surfshark.
Surprisingly, the free version of the VPN was almost as fast as the premium, with very little slowdown.
In essence, TunnelBear’s speed performance has been improving over time, with fast speeds on both local and international connections.
However, we did experience some connection drops during testing, and it generally took a number of seconds for the app to connect.
Local Speed Tests
Before using TunnelBear VPN:
When connected to TunnelBear VPN:
To test the VPN service’s speeds manually, we recorded our internet speed before and after connecting to TunnelBear.
Connecting within the UK, we measured a download speed loss of just 7%:
- Download speed without TunnelBear: 96Mbps
- Download speed with TunnelBear: 89Mbps
- Download speed loss when TunnelBear is running: 7%
High Ping Times
TunnelBear’s ping times are relatively high, so you may experience some lag when playing online games.
Using a VPN for gaming is useful to unblock geo-restricted games or prevent ISP throttling. If that’s what you want to do, read this article to find the best VPN for gaming.
Long Distance Speed Tests
We were surprisde by TunnelBear’s international speeds. We recorded a speed loss of just 30% connecting from the UK to the US, down from 96Mbps to 67Mbps. More or less what the fastest VPNs deliver.
TunnelBear’s speeds connecting to Europe were also very fast. This means you can stream video content from overseas without experiencing significant speed drops.
Below are the average download and upload speeds we recorded connecting from the UK to servers in Germany, Singapore, Australia, and the US:
- USA: 67Mbps (download) & 16Mbps (upload) – 30% download speed loss
- Germany: 81Mbps (download) & 91Mbps (upload) – 15% download speed loss
- Singapore: 54Mbps (download) & 20Mbps (upload) – 43% download speed loss
- Australia: 56Mbps (download) & 10Mbps (upload) – 42% download speed loss
Connecting to Australia was slower – a 43% drop – but this is typical considering the distance, and is actually a very good result. Just 15% speed loss connecting to Germany from our UK location is also very strong.
However, TunnelBear’s speeds aren’t the best international ones we’ve tested – Hotspot Shield’s are even quicker. Nevertheless, they’re more than fast enough for smooth HD streaming.
TunnelBear’s Speed Compared to Rival VPNs
We tested TunnelBear’s speed manually, but we also run automated speed tests using our in-house speed test tool.
The graph below shows TunnelBear’s average download speed loss compared to rival VPN services. The lower the percentage the better. These results are based on tests that run four times a day, every day from the New York server we own. We cap speeds at 100Mbps to recreate a typical home internet connection.
As you can see from the chart above, TunnelBear is lagging top VPNs both in speed loss and consistency. Speed loss was as much as 28% at times. The ideal VPN is consistently fast, like ExpressVPN, with only 5% speed loss.
TunnelBear’s ping score over this period isn’t good, either. Latency was as high as 71.48ms. On the other hand, NordVPN recorded only 3.03ms!
TunnelBear is No Good for Streaming
Streaming & Torrenting
Streaming & Torrenting Rating: 4.0/10
TunnelBear is not a good VPN for streaming. It doesn’t unblock region-restricted content on Netflix, Disney+, or BBC iPlayer, which is hugely disappointing.
Netflix, and other platforms we tested, all detected we were using a VPN or proxy. It is highly unlikely TunnelBear will work with popular streaming services.
If you do find a TunnelBear server that streams Netflix, the lack of city-level server locations means there are no backup options if that server stops working.
Is TunnelBear Good for Torrenting?
TunnelBear is not very good for torrenting. The VPN service even used to forbid P2P traffic on all its servers, although now it’s allowed across its entire server network.
However, torrent download speeds are slow compared to the top-rated P2P VPNs. TunnelBear recorded a bitrate of only 4.8MiB/s, versus IPVanish’s of 15.6MiB/s or ExpressVPN’s of 13.2MiB/s.
What’s more, the terms of service state that using TunnelBear for illegal activity (such as breaching copyright law) is forbidden.
If the company believes you have violated this agreement, it retains the right to terminate your account without notice.
The company’s support team clarified to us that users should be able to share files on the network. They recommended using servers in Canada, US, UK, Romania, Netherlands, Germany, or Sweden.
On the plus side, the VPN kill switch called ‘VigilantBear’ works well on Windows, MacOS, and Android devices. This will keep your IP address concealed if your VPN connection drops.
Also, the VPN service’s logging policy is good enough to keep your torrenting activity private. And we didn’t detect any IP leaks using our torrent leak test tool.
Torrenting is now also permitted on TunnelBear’s free VPN, but the 500MB/month data cap will prevent you from downloading many files.
Solid Security Features but Lacking Configurability
Encryption & Security
Encryption & Security Rating: 7.4/10
Despite its playful design, TunnelBear is an extremely secure VPN.
Both the free and paid versions are highly encrypted, using the OpenVPN protocol and AES-256 cipher for Windows, MacOS, and Android. The IKEv2 protocol is also available on iOS and Windows.
Both IKEv2 and OpenVPN are secure and reliable VPN protocols, though OpenVPN is the current industry-standard.
Secure Protocols and Encryption
Here’s a breakdown of the different protocols and ciphers TunnelBear uses for each of its apps:
No Major IP Address Leaks
Using our VPN leak test tool, we didn’t experience any IP address or DNS leaks using TunnelBear’s VPN apps. Your IP address will therefore remain hidden while browsing, streaming and torrenting.
But, the Firefox browser extension did leak our WebRTC address at first, although TunnelBear quickly fixed this flaw.
Full Disk Encryption and Private DNS Servers
A report by the Center for Democracy & Technology also reveals that each TunnelBear server is protected by full disk encryption, malware scans, and intrusion protection software.
TunnelBear VPN also uses private DNS servers, perfect forward secrecy and a secure Diffie-Hellman key exchange. The latter ensures you’re connecting to a verified TunnelBear server every time you use the VPN.
Narrow Range of Good Security Features
TunnelBear offers a small selection of advanced security features. The service uses unique terms to refer to widely-known security features, so we’ve translated them for you in this table:
TunnelBear’s VPN kill switch is called ‘VigilantBear’. It blocks web traffic if the VPN connection gets disrupted. This prevents your true IP address from being exposed, and is an essential feature of any top-tier VPN.
VigilantBear is available on Windows, Mac, and Android devices, but not on iOS devices. This is very common due to Apple’s strict guidelines, but it’s not impossible and VPNs like Private Internet Access offer a kill switch on iOS.
Another useful feature is TunnelBear’s ‘GhostBear’ (obfuscation) protocol.
It’s designed to mask your VPN traffic as ‘normal’, making it harder for governments, businesses, and ISPs to detect and block your VPN connection. it will slow your traffic, though.
Missing Extra Tools
Aside from the features above, TunnelBear isn’t very configurable and lacks more advanced security settings.
For example, there is no port forwarding or double (multihop) VPN, and you can’t control your encryption settings with much detail.
IP, DNS and WebRTC Leaks
IP and DNS leaks can expose personal information like your IP address, physical location, and browsing activity. We test every VPN for IP, DNS, and WebRTC leaks, to make sure it is leak-proof.
TunnelBear passed all of our VPN leak tests. The kill switch also worked to shield our IP address on Windows, MacOS, and Android.
TunnelBear operates its own zero-log DNS servers and it doesn’t record any of the websites you visit. This also ensures your ISP isn’t able to monitor your web browsing activity.
When Mozilla released Firefox 73.0, many VPN browser add-ons began to leak WebRTC requests. So did TunnelBear’s, but the service’s engineers fixed the issue almost immediately. Now all of TunnelBear’s browser extensions are leak-free.
Trackers, Malware and Permissions
We used the εxodus tool to scan TunnelBear’s Android app for trackers and dangerous permissions.
Reassuringly, we can confirm the Android app contains no trackers whatsoever.
This result is ideal for privacy and isn’t as common as you’d think. Some of the best VPNs contain marketing and bug trackers – even NordVPN has seven.
While TunnelBear might need to wait for users to report crashes instead of actively tracking them, this method is preferable for those seeking the highest levels of privacy.
The app also uses eight permissions, none of which are of concern. Finally, we put TunnelBear through a virus and malware scan to test for any malicious software it may contain, and we found none.
Only 23 Countries Available
TunnelBear has a very small VPN server network covering just 23.
The most popular server locations among VPN users are present. You’ll find servers in the US, UK, and Australia, as well as France, Germany, and the Netherlands.
There are also servers in India, Japan, and Singapore, and limited options in Mexico and Brazil. However, TunnelBear has no VPN servers at all in Africa.
If you’re looking for a large number of server locations then we don’t recommend choosing TunnelBear. Top VPN services offer at least 60 locations, if not more. Our Private Internet Access review, for example, details the services much larger server network.
Undisclosed Number of Servers and IP Addresses
TunnelBear isn’t transparent about the exact number of servers or IP addresses it maintains. There is no way of knowing how well distributed traffic will be in any given location.
No Dedicated Streaming or P2P Servers
There are also no dedicated servers for streaming or torrenting. Users will therefore have to cycle through locations until they find a server that works for them.
No City-level Servers
There aren’t any city-level servers, either. This is particularly frustrating for US users looking to find a server close to home, or users in large countries like Australia.
All TunnelBear servers are physical (bare-metal), rather than virtual. In other words, they are physically located where you expect them to be.
TunnelBear Owns its Servers
TunnelBear also owns its server network, so there are no additional third parties involved in the management of the servers.
Controlling your server infrastructure goes a long way in helping prevent vulnerabilities. The NordVPN hack proved that using third-party data centers can pose a significant risk.
Does TunnelBear Beat Strict Censorship?
Bypassing Censorship Rating: 8.5/10
On paper, TunnelBear has the right tools to bypass strict web censorship, especially in China.
In reality, it can’t beat aggressive web censors, unlike these anti-censorship VPNs.
Its obfuscation feature called GhostBear, TunnelBear is still good for connecting out of less aggressively-censored countries like Turkey.
The GhostBear protocol disguises (obfuscates) VPN traffic to bypass deep packet inspection (DPI) and VPN blocks. The protocol is built into the app and included on Windows, MacOS, and Android.
To enable the GhostBear feature, access the settings menu and navigate to “security”. Here, check the box marked “GhostBear.”
Limited Device Compatibility
Platforms & Devices
TunnelBear comes with custom VPN apps for Windows, MacOS, iOS, and Android devices. The VPN can also be manually installed on Linux devices, too.
Both the free and paid versions of TunnelBear allow you to use up to five simultaneous devices using just one subscription, which is the standard limit for VPN services.
No Router Support and No Fire TV App
It’s not possible to set up TunnelBear on a router. There are also no apps for Amazon Firestick or Android TV, and no Smart DNS tool.
Basically, you won’t be able to use TunnelBear on games consoles, Apple TV, Roku and smart TVs.
This disappointing lack of compatibility clashes with its user-friendly image.
Your TunnelBear plan includes browser extensions for Chrome, Mozilla Firefox, and Opera.
All three browser add-ons are easy to add to your browser with no manual configuration necessary.
Remember that browser extensions only encrypt web traffic from your browser, while the full VPN client encrypts all traffic to and from your device.
It’s shame that TunnelBear’s browser extensions don’t include any extra features like an ad-blocker, for example. However, the company operates a standalone ad-blocker extension called Blocker.
Simple Apps Easy to Install
Ease of Use
How to Install & Set Up TunnelBear VPN
Ease of Use Rating: 7.8/10
TunnelBear’s apps are extremely simple and easy to use. The small number of advanced features on offer may not satisfy experienced users, but if you’re just getting started with using a VPN it makes the process much easier.
Setup is also very easy for the custom apps – just download the software from the TunnelBear website and sign in. It’s a little more complicated for Linux, but there are simple step-by-step instructions for Linux installation on the TunnelBear website.
All the TunnelBear apps use the same design, so you’ll have a familiar experience no matter which device you’re using. That said, there is some variability in the features available on each platform. The iOS app has no VPN kill switch or obfuscation technology, and there is no option to switch between protocols on any device.
We’d like to see a search function included to help users easily find their closest location. A list of servers with basic information such as load and ping time would also be an excellent addition for usability.
Overall, TunnelBear opts for a unique approach that’s best suited to beginners. The mobile and desktop applications are practical and fine for simple use, but there are lots of better and more feature-rich VPNs available. Experienced users looking for lots of advanced settings might be happier with a different provider.
Like all of its applications, TunnelBear’s Windows client is very simple. By default, it only shows you what’s absolutely necessary: your location, the tunnel you’re using, and the location you’re connected to.
The main screen consists of a large black and white map with orange tunnel icons where each of TunnelBear’s servers are located. You can click on the tunnels to connect to a particular server, or use the drop-down list at the top of the app. There’s also the option to connect to the ‘Fastest’ server, which is usually the one closest to your physical location.
When the VPN is connected the slider at the top will turn orange and say ‘On’, and the map will change to full color. To disconnect, just click the slider.
By clicking on the cog symbol on the left-hand side of the app you can access TunnelBear’s settings menu.
The client doesn’t have many settings, but the few you get are useful. There’s obfuscation and a VPN kill switch, along with the option to load the VPN automatically when Windows starts. You can also set the client to automatically connect whenever you use a WiFi network that you haven’t marked as “trusted”.
All the settings can be toggled on and off easily, and there are tool tips to help further explain certain features to beginners.
There is no option to change protocol, though you can switch between TCP and UDP connections. Otherwise, the app selects automatically between OpenVPN and IKEv2.
Overall, TunnelBear’s Windows client isn’t bad. If your needs are simple you might find it’s the perfect way to encrypt your connection without any hassle. However, there’s lots of scope for improvement and the client’s interface and basic feature list could disappoint more experienced users.
TunnelBear’s MacOS client is a menu bar app, which isn’t as easily accessible as the other free-standing apps on offer.
It’s much like the Windows app with a colorful map and bear animations, making it much easier on the eye compared to other VPN apps.
You’ll find the the same features in the settings menu too, which include:
- Trusted Networks
- TCP override
The Android app is almost exactly the same as TunnelBear’s desktop apps, but with even fewer settings. There’s obfuscation and a VPN kill switch, but no Trusted Networks or TCP Override.
The ability to use split tunneling is unique to the Android app, though. This feature allows you to select apps or services to route outside of the VPN tunnel, which can be useful for websites that need access to your real location.
There are also a couple of features that add to TunnelBear’s cutesy approach to online security. There are Bear Sounds and Cloud settings, which enables cloud graphics to float over the map.
As is usually the case with VPN iOS apps, TunnelBear’s iOS client is the most stripped-back of all its native applications.
The only settings on offer are Trusted Networks and Bear Sounds. There’s no VPN kill switch or obfuscation technology. The iOS app also automatically selects the VPN protocol – either OpenVPN or IKEv2.
No Live Chat Support
Customer Support Rating: 7.4/10
TunnelBear does not offer live chat support. Instead, there is an online ticketing system, and a chatbot incapable of answering many simple questions.
For a VPN aiming to provide a simple experience for beginners, the inability to provide immediate customer support is disappointing.
Many premium VPN services like ExpressVPN offer 24/7 live chat to help troubleshoot user queries.
Good Ticketing System
At least, the company’s ticketing system works well. We received full responses in a fast, polite, and friendly manner. That said, it’s certainly not as convenient as the instant support live chat provides.
Extensive Online Resources
There is also an extensive online help section covering troubleshooting, FAQs, and billing.
The focus is on VPN newbies, so there’s not much information regarding protocols, encryption, or technical implementation.
Interestingly, the connection issues page does contain some information about ports and tethering.
No Refund Guarantee
Pricing & Plans
Price & Value for Money Rating: 7.0/10
The paid version of TunnelBear has three subscription plans. There is no full free trial, or a money-back guarantee.
TunnelBear’s monthly plan is the most expensive, giving you unlimited data for $9.99 per month. The yearly plan costs $4.99 per month while the three-year plan costs $3.33.
These prices are towards the low end of the typical VPN price range. We don’t think it’s particularly great value for money, though, given the VPN’s streaming and P2P issues.
Payment & Refund Options
TunnelBear accepts a limited number of payment methods, including credit and debit cards, Bitcoin, and BitCash.
We like the option to pay via anonymous cryptocurrency. But you can’t pay using PayPal, which is uncommon for a VPN service.
There isn’t an option to use other international methods like AliPay or UnionPay, either.
TunnelBear Has Pros and Cons
The Bottom Line
TunnelBear is a well-designed and safe VPN that makes a great choice for beginners looking to secure their traffic and hide their IP address at home or on public WiFi.
It’s a good choice for privacy with top-notch encryption, multiple security audits and a water-tight logging policy. That said, its Canadian jurisdiction might put some more serious users off.
Though secure, TunnelBear is not a VPN aimed at experts. There’s a limited number of server locations, a lack of advanced security features and it doesn’t work in highly-censored countries like China. Similarly, it cannot unblock Netflix or BBC iPlayer and it isn’t compatible with routers or other streaming devices.
We’d like to see improvements to TunnelBear’s iOS app, lacklustre live support, and overall platform compatibility. If you’re an advanced user looking to stream content from overseas or play with lots of configurable settings, we’d recommend looking elsewhere. If you’re a beginner and you simply want to securely hide your IP address for a decent price, TunnelBear might be the VPN for you.
Additional research by David Hughes
Alternatives to TunnelBear VPN
Unlike TunnelBear, CyberGhost is great for streaming, with dedicated servers that unlock Netflix, BBC iPlayer, and more. It has more configurable options but is still very easy to use. You can install CyberGhost on routers, too. Read CyberGhost review
Surfshark is another beginner-friendly VPN, and it provides over double the number of server locations that TunnelBear has. It also works well with streaming services and devices. Read Surfshark review