Between 2020 and 2023, global spending on network security equipment surged from $15,626 billion to $21,384 billion^[1]. This increase in investment is a response to the increasing frequency of cyberattacks, which have also become more difficult to detect. As threats evolve, individuals and businesses are turning to advanced technologies to safeguard their digital assets.

One such technology is the Virtual Private Network (VPN), a tool that provides a secure, encrypted connection between devices and servers in the network. VPNs use various communication protocols to ensure the security, speed, and reliability of these connections. Among these protocols, two stand out for their widespread use and distinct characteristics—User Datagram Protocol (UDP)^[2] and Transmission Control Protocol (TCP)^[3].

This guide on UDP vs. TCP VPN protocols will describe how they work, their security features, and typical applications. You'll also learn about a way to protect your financial information in situations where VPNs cannot help. 

An Overview of the UDP Protocol

UDP is a core component of the Internet Protocol Suite. Also known as UDP/IP, this suite ensures that data packets are correctly addressed, routed, and delivered across computer networks, allowing devices to communicate with each other seamlessly.

UDP facilitates the transmission of datagrams—small units of data—prioritizing speed and efficiency over guaranteed delivery^[4].

UDP is often employed in scenarios where real-time data transmission is essential, such as live broadcasts and online gaming. These applications can afford occasional data loss in favor of maintaining real-time interaction.

UDP's defining features include:

• Statelessness—UDP doesn't keep track of previous interactions or maintain any memory of past communication.
• Connectionless—The protocol doesn't set up a dedicated connection before transmitting data, making it ideal for scenarios where immediate communication matters more than guaranteed delivery.
• Error-tolerant—Applications that use UDP can tolerate loss and duplication.

How UDP Works

When transmitting data, UDP encapsulates the data into packets called datagrams, with each datagram being a small segment of a larger message. Datagrams serve as self-contained units and include the actual data (payload) and a header that provides essential information about them. 

Once the datagram is prepared, UDP further encapsulates it into an Internet Protocol (IP) packet. After this encapsulation, the entire packet is sent over the network to its intended destination.

An Overview of the TCP Protocol

Like UDP, TCP is a fundamental protocol within the Internet Protocol Suite. It transmits data in packets—small units of a larger message—over an IP network, ensuring the successful delivery of data and messages over networks^[2].

TCP is often employed in scenarios where data integrity and delivery are the most important, such as sending emails, accessing websites, and transferring files.

TCP's key features include: 

• Connection-oriented protocol—TCP establishes a connection between the sender and the receiver before any data exchange occurs. By negotiating parameters—specific settings and values agreed upon during the connection setup—and maintaining orderly data flow, this protocol offers reliable connections.
• Error checking—The protocol checks for errors during data transmission, ensuring the information it sends reaches its destination intact.
• Flow control—TCP optimizes the speed at which it transmits data depending on the capacities of the receiver.

How TCP Works

Computers exchange information via the TCP protocol in five steps:

1. Connection establishment—A server and a client establish a connection using a process called a three-way handshake, during which they agree on the initial parameters of the connection. 
2. Data segmentation—Data is divided into smaller packets, and includes an additional header containing information such as the sequence number and the acknowledgement number, both of which are used to ensure data integrity.
3. Transmission initiation—The TCP packet is then encapsulated into an IP packet and sent to its destination.
4. Acknowledgment—TCP confirms that data has reached its destination and will attempt a retransfer if the first transmission doesn't work.
5. Connection termination—After the transmission is complete or the session times out, the TCP connection is terminated. This step ensures the connection isn't left open, reducing the risk of data leaks.

UDP vs TCP VPN Protocols—A Concise Comparison

When comparing UDP and TCP VPN protocols, several key areas come into play. We'll compare them using four criteria:

1. Data security
2. Speed and performance
3. Reliability
4. Typical use cases

Data Security

Neither UDP nor TCP provide built-in security features. To address this, both protocols are often paired with robust encryption protocols, such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS). 

Speed and Performance

UDP is generally faster than TCP. The former's speed comes from its simplicity—it doesn't establish a connection before sending data or verify that all the data arrived, reducing both the overhead of establishing a connection and interruptions from having to wait for the acknowledgment that the data arrived. 

Other factors that may contribute to UDP's higher speed include:

• A smaller header—UDP's header contains less information than TCP's, which makes UDP packets easier to process and quicker to send. 
• Stateless nature—Because it doesn't keep track of the session, sequence numbers, or acknowledgments, UDP can handle packets quicker. 
• No congestion control—Unlike TCP, UDP doesn't have congestion control mechanisms, allowing it to send data as fast as possible.

Connection Reliability

Reliability in information transmission refers to the protocol's ability to deliver data packets accurately, in order, and without loss.

TCP's reliability stems from its design. It uses a system of acknowledgments and retransmissions to ensure data segments arrive at their destination. If a packet is lost during transmission, TCP will retransmit it. 

UDP is a connectionless protocol that sends data packets without any guarantee that they will reach their destination. In poor network conditions, it might lose more information than TCP, compromising data integrity.

Typical Use Cases

Due to the differences in the strengths of TCP and UDP, they're typically used in different scenarios. The table below lists the typical use cases for each protocol:

‍

Which VPNs Support UDP and TCP?

There are two VPN protocols that support both TCP and UDP:

1. OpenVPN
2. IKEv2
   ‍

At least one of the two protocols is provided by the majority of VPNs, including: 

• NordVPN
• Norton Secure VPN
• CyberGhost VPN
• Proton VPN
• AVG Secure VPN
• Surfshark VPN
• Avast SecureLine VPN
• Bitdefender Premium VPN

Potential Risks To Consider While Using VPNs

Like many other online security tools, VPNs only protect your online presence to some extent. The potential risks Virtual Private Networks may not eliminate include:

• Phishing scams—Even with a VPN, you are still able to interact with deceptive emails or websites that may attempt to trick you into revealing sensitive information.
• Keyloggers—These malicious programs can infect your system and record every keystroke on your device.
• Software vulnerabilities—Software, including VPNs, can have flaws that hackers can exploit, exposing your data or allowing unauthorized access to the network.
• Data breaches—You can share your data voluntarily with third parties, such as merchants and subscription services. If their databases are compromised, your personal and financial information may be exposed.

Use These Methods To Complement What You Get With VPNs

Since VPNs are not capable of protecting you from every online threat, you should combine them with other security methods. Some of the additional security measures to consider are:

• Two-factor authentication—Also called 2FA, this method boosts account security by requiring a second form of identification for logging in, such as a unique code sent to your phone.
• Password managers—Tools like 1Password can create and store complex, unique passwords for your online accounts, reducing the risk of breaches due to weak or reused passwords.
• Antivirus software—This software continuously scans your device for known threats and removes them, protecting against malware like keyloggers and ransomware.
• Virtual cards—Virtual cards consist of unique card numbers, complete with CVVs and expiration dates, that mask your actual card details at checkout. Even though some banks offer them, with specialized card providers like Privacy, you get additional security features and card controls.

Enjoy Secure Transactions With Privacy Cards

Privacy is a virtual card provider that lets you generate virtual cards you can use instead of your debit card or bank account, reducing the risk of your financial information falling into the wrong hands. Privacy meets the stringent requirements set by PCI-DSS, the security standard all major payment card issuers follow.

Some of the security features Privacy offers include:

• High level of encryption—Privacy uses AES-256 encryption, a highly secure method used by governments worldwide, to safeguard your sensitive details during transmission.
• Two-factor authentication (2FA)—With 2FA support, Privacy adds an extra security step to verify your identity, making it harder for unauthorized access to your information.
• Transaction alerts—Real-time transaction monitoring lets you track your spending, helping you spot and prevent potentially fraudulent activities promptly.
• Fraud protection—Privacy takes consumer protection seriously. If you dispute a transaction, Privacy steps in to investigate and—if necessary—file a chargeback, offering you peace of mind.

Privacy Card Types and Features

With Privacy, you can create three types of virtual cards:

1. Single-Use Cards
2. Merchant-Locked Cards
3. Category-Locked Cards
   ‍

Learn about each card type in the table below:

With Privacy, you can set a spending limit on your virtual cards, and Privacy will block any charge that goes above that limit. You can also pause or close your Privacy Cards at any time to protect your bank account against transaction attempts, like the ones that may occur when canceling a subscription.

Privacy Cards—Safe and Convenient

Privacy offers a suite of additional features designed to make your online transactions more convenient. These include:

• Mobile app—Available on Android and iOS platforms, the Privacy App allows you to generate a new card, adjust spending limits, or deactivate a card with just a few taps.
• Browser extension—The Privacy Browser Extension, which works seamlessly with Chrome, Firefox, Edge, Safari, and Safari for iOS, streamlines your online shopping experience. It autofills card information during checkouts, so you don't have to type in all the details manually.
• Shared Cards—This feature allows you to share access to a specific virtual card with family, friends, or employees. They can make purchases on your behalf, adding flexibility to your online transactions without compromising your actual card details.

Getting Your First Privacy Card

To create your first virtual card with Privacy, follow these steps:

1. Create a new Privacy Account
2. Complete the Know Your Customer (KYC) process to verify your identity
3. Connect your bank account or debit card
4. Request and generate your first Privacy Virtual Card
   ‍

You can choose from four plans:

1. Personal plan—This plan is free for domestic purchases and allows you to generate up to 12 new cards a month. It includes access to secure Single-Use and Merchant-Locked Cards, the mobile app, browser extension, and all spending controls.‍
2. Plus plan–For $5/month, this plan enables everything in the Personal plan, access to Shared Cards and Category-Locked Cards, the ability to add card notes, and priority customer support. Plus users can generate up to 24 cards per month.‍
3. Pro plan—At $10/month, this plan offers everything in the Plus plan, 1% cashback on purchases up to $4,500 per month, priority customer support, the ability to create up to 36 cards a month, and waived international fees​​. ‍
4. Premium plan—For $25/month, this plan offers everything in the Pro plan and access to even more cards—up to 60 per month.

References

^[1] Statista. https://www.statista.com/statistics/790870/worldwide-security-spending-network-security-equipment/, Sourced May 12, 2024

^[2] Cloudflare. https://www.cloudflare.com/learning/ddos/glossary/user-datagram-protocol-udp/, Sourced May 12, 2024

^[3] Cloudflare. https://www.cloudflare.com/learning/ddos/glossary/tcp-ip/, Sourced May 12, 2024 

^[4] TechTarget. https://www.techtarget.com/searchnetworking/definition/UDP-User-Datagram-Protocol, Sourced May 12, 2024

^[5] TechTarget. https://www.techtarget.com/searchnetworking/definition/TCP-IP, Sourced May 12, 2024

^[6] TechTarget. https://www.techtarget.com/searchnetworking/answer/Are-there-any-inherent-security-problems-with-UDP, Sourced May 12, 2024

‍