A Review of Virtual Private Network Mobile Application Security

Authors

  • Suzanna Schmeelk Department of Computer Science, Mathematics and Science, M.S. Cyber and Information Security Program, St. John’s University, New York, USA https://orcid.org/0000-0003-1886-3798
  • James Dermezis Department of Computer Science, Mathematics and Science, M.S. Cyber and Information Security Program, St. John’s University, New York, USA
  • Andre Duchatellier Department of Computer Science, Mathematics and Science, M.S. Cyber and Information Security Program, St. John’s University, New York, USA
  • Charles Orbezo Department of Computer Science, Mathematics and Science, M.S. Cyber and Information Security Program, St. John’s University, New York, USA
  • Tomas Medina Department of Computer Science, Mathematics and Science, M.S. Cyber and Information Security Program, St. John’s University, New York, USA
  • Jared Reid Department of Computer Science, Mathematics and Science, M.S. Cyber and Information Security Program, St. John’s University, New York, USA
  • Denise Dragos Department of Computer Science, Mathematics and Science, M.S. Cyber and Information Security Program, St. John’s University, New York, USA
  • Lixin Tao Department of Computer Science, Pace University, New York, USA

DOI:

https://doi.org/10.37256/cnc.3220256619

Keywords:

Mobile Virtual Private Networks, Mobile Application Security, Static Analysis, Security Analysis, Mobile Security Framework

Abstract

In an era of heightened online risks, the demand for Virtual Private Networks (VPNs) has surged. The VPN market has grown significantly, ranging from popular services like NordVPN, which holds a quarter of the market share, to applications with a small installation base. Studies show that as of 2024, 46% of Americans use at least one VPN application. Given VPNs' role in protecting sensitive data, questions have arisen regarding the security posture of VPN applications themselves. This study systematically reviewed 27 Android VPN applications selected from mobile app stores, following the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines to ensure methodological transparency and reproducibility. The analysis utilized application software review, the Mobile Security Framework (MobSF), and public-facing information to assess each application's vulnerabilities, required permissions, and data collection practices. The findings revealed significant variability across the applications and common issues, such as the use of insecure random number generators, excessive permission requests, exported components lacking proper access controls, and the logging of sensitive user information. Based on these results, the study highlights the need for improved secure coding practices to enhance the security posture of existing mobile VPN applications.

Downloads

Published

2025-10-11

How to Cite

[1]
S. Schmeelk, “A Review of Virtual Private Network Mobile Application Security”, Comput. Networks Commun. , vol. 3, no. 2, pp. 129–147, Oct. 2025.

Issue

Computer Networks and Communications, Volume 3 Issue 2 (2025)

Section

Articles

License

Copyright (c) 2025 Suzanna Schmeelk, et al.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Further Information : Article Processing Charge| Open Access Policy| Privacy Policy| Terms and Conditions

Contact Email:publisher@wiserpub.com

Copyright 2025 Universal Wiser Publisher Pte.Ltd. All rights reserved