/
/
Is Surfshark VPN Safe?

Quick jump

The short verdict

Surfshark is a sensible VPN to trust for normal privacy needs: hiding your IP address from websites, reducing exposure on public Wi-Fi, stopping your internet provider from seeing the content of your traffic, and keeping one subscription active across a lot of devices. It is not a tool for perfect anonymity, and it should not be treated like one.

What supports the trust case

  • Deloitte checked Surfshark’s no-logs controls again in 2025.
  • The network is described as 100% RAM-only.
  • Surfshark now lists 4,500+ servers across 100 countries.
  • Dausos and WireGuard now sit at the center of its modern protocol story.
  • The transparency report now gives figures instead of relying on a canary alone.

What deserves context

  • Surfshark says it temporarily keeps limited VPN connection details for up to 15 minutes after a session ends.
  • Dedicated IP can be tied to your account unless you use Surfshark’s anonymous Dedicated IP option.
  • Dausos is promising, but it is still newer than WireGuard and OpenVPN.
  • A VPN cannot stop tracking when you log into personal accounts or hand details to a scam page.

Privacy and logs: the part people usually skim too quickly

Surfshark says it does not collect browsing history, visited IP addresses, used bandwidth, network traffic or similar activity records. That is the part most people expect from a no-logs VPN, and it is a meaningful privacy claim.

The less marketable detail is also important. Surfshark’s policy says its servers temporarily keep details about a connection to a specific VPN server, such as a user ID and/or IP address plus connection timestamps, and that this information is automatically deleted within 15 minutes after the session ends. That does not mean Surfshark is storing your website history, but it does mean “no logs” should be read carefully rather than casually.

Fair reading: Surfshark’s privacy posture is still strong for ordinary users, but the 15-minute connection-data language belongs in any honest safety review.

Surfshark also operates under Netherlands jurisdiction. That does not automatically make it unsafe, but it does mean the company sits inside an EU legal environment rather than an offshore-only privacy story. For most users, the practical question is not “Can a court ever contact Surfshark?” It is “What useful VPN activity data would Surfshark have by then?”

Audits and outside checks

Surfshark’s strongest trust signal is not a homepage promise. It is the outside assurance work. In June 2025, Surfshark said Deloitte again verified its no-logs policy, including checks around server types, deployment processes, privacy-related procedures and whether the no-logs policy was applied across relevant infrastructure. That is worth more than a badge because it looks at the systems and procedures behind the privacy claim rather than only the public wording.

That said, audits are snapshots. They are useful because they create a record that can be challenged later. They are not a permanent guarantee that every future configuration, app release or support process will stay perfect.

Trust signal Why it helps What not to overclaim
Deloitte no-logs assurance Gives users more than Surfshark’s own wording. Still a point-in-time check, not a lifetime certificate.
Cure53 security work Adds independent review to parts of the infrastructure and Dausos story. Does not mean every future feature is automatically risk-free.
Transparency reporting Shows legal-request categories and disclosure outcomes. Only useful if kept current and easy to read.
Is Surfshark VPN safe in 2026 security and privacy banner
This safety review looks at Surfshark’s privacy wording, audits, server setup, app controls and legal-request disclosures as they stand on 1 July 2026.

Server security, RAM-only design and network size

Surfshark now says it has 4,500+ servers in 100 countries. The server count matters less than the server model, but it is still useful because more locations can reduce crowding and help users choose a nearby endpoint.

The bigger safety point is the RAM-only claim. Surfshark says all of its servers are diskless RAM-only machines, meaning data is wiped when a server is rebooted or powered off. That is a good design choice for privacy because it reduces what can remain on a machine after shutdown.

Server count 4,500+
Countries 100
Server storage RAM-only
Ports claim 10Gbps

RAM-only servers are not magic. They do not stop phishing, weak passwords or tracking inside accounts you choose to log into. They do, however, make the infrastructure less attractive as a long-term storage target. That is exactly the kind of boring backend detail that matters in a safety review.

Dausos, WireGuard, OpenVPN and post-quantum protection

Surfshark’s protocol story changed in 2026 because Dausos moved from “future idea” to a real Surfshark protocol. Our separate guide to Surfshark’s Dausos protocol explains the basics, but the short version is this: Surfshark says Dausos offers post-quantum protection, a dedicated tunnel for each user, AEGIS-256X2 encryption and up to 30% faster speeds than standard protocols. It also says Cure53 assessed the protocol.

The caveat is availability and maturity. As checked on 1 July 2026, Surfshark says Dausos is available on the macOS app and is coming to other platforms. That means many users will still rely on WireGuard, OpenVPN or IKEv2 for now. There was also early third-party reporting of a Dausos compatibility problem on some connections before Surfshark patched it, so it is better described as promising and new rather than long-proven. Surfshark’s protocol page also says post-quantum protection is built into Dausos and WireGuard in the app, but not into manual WireGuard setups.

Best practical protocol advice: use Dausos on macOS if it works well on your network; otherwise WireGuard is the safer default for speed and modern encryption, while OpenVPN remains useful for compatibility and restricted network setups.

Security features that matter day to day

Surfshark has a long feature list, but only a few features really decide whether it feels safe in normal use. The kill switch is the most important. It stops internet access if the VPN connection drops, so your device does not quietly fall back to an unprotected connection. We also have a separate visual explainer on how a VPN kill switch works if you want the mechanics without the jargon.

Kill switch

Protects against accidental exposure when the VPN tunnel fails.

CleanWeb

Blocks many ads, trackers, pop-ups and malicious websites, but it should not replace careful browsing or antivirus.

Dynamic MultiHop

Routes traffic through two VPN locations for users who want another layer between them and the exit server.

These features are useful, but they work best when they are turned on and checked after updates. A VPN app installed with every safety setting left off is weaker than most people assume.

Bypasser: helpful, but easy to misuse

Bypasser is Surfshark’s split-tunneling feature. It lets you choose apps or websites that skip the VPN while the rest of your traffic stays protected. That is useful for banking apps, local printers, work tools or streaming services that misbehave behind a VPN. For a separate guide, see how split tunnelling works.

From a safety point of view, Bypasser is neither good nor bad by itself. It depends how you use it. Excluding a banking app because it blocks VPN traffic may be sensible. Excluding your browser because one website was annoying can accidentally remove the protection you wanted in the first place.

Simple rule: only bypass specific apps or sites when you know why they need to bypass the VPN. Do not turn Bypasser into a broad “make the VPN mostly optional” setting.

NoBorders, OpenVPN obfuscation and restricted networks

Surfshark’s NoBorders feature is designed for networks that restrict VPN traffic. Surfshark says it detects restricted networks and gives you a server list that should work better in that situation. Obfuscation matters here because it makes VPN traffic harder to identify. Our separate guide explains how obfuscated servers work in more detail.

This is useful for school, workplace, hotel or country-level network restrictions, but it should not be oversold. Obfuscation can help traffic blend in; it does not grant legal immunity, and it does not make risky activity safe.

Transparency reporting and the old warrant canary question

Surfshark previously used a warrant canary. It now says it is moving away from that indirect signal and replacing it with fuller transparency reporting. That is a reasonable change if the report stays clear, current and specific. If you want the background, read our guide to how warrant canaries work.

The current Surfshark transparency report covers January to March 2026. It lists 361,451 DMCA requests, 30 inquiries from government institutions, 0 national security letters, 0 gag orders and 0 warrants from any government organization. Surfshark says none of those requests resulted in disclosure of user-related data.

DMCA requests 361,451
Government inquiries 30
Warrants 0
User data disclosed 0

Those numbers are a positive sign, but the real test is whether Surfshark keeps publishing comparable figures quarter after quarter.

Account safety, payment trail and Dedicated IP caveats

Surfshark can protect a VPN tunnel, but it cannot fix weak account habits. Use a unique password and turn on two-factor authentication. That matters more than most protocol debates because account takeover is often simpler than breaking encryption.

Payment and account data also matter. Surfshark’s privacy policy says account creation needs an email address and encrypted password, and payment handling can involve payment partners collecting transaction and card-related information. That is normal for paid services, but it means a standard subscription is not anonymous by default.

Dedicated IP deserves one extra warning. Surfshark’s terms say a Dedicated IP can be tied to your email address unless you select the anonymous Dedicated IP option after installation. Users who care about traceability should not skip that step.

A safer Surfshark setup in five minutes

  • Turn on the kill switch before using public Wi-Fi.
  • Use WireGuard by default, or Dausos on macOS if it performs well on your connection.
  • Enable CleanWeb, then still treat suspicious pages as suspicious.
  • Use Bypasser only for specific apps or websites that genuinely need it.
  • Turn on two-factor authentication and avoid reusing your email password.
  • Run DNS, WebRTC and IP leak checks after installing the app and after major updates.

Bottom line: should you trust Surfshark?

For most people, yes. Surfshark has enough substance behind the brand to be treated as a safe mainstream VPN: audited no-logs controls, RAM-only server design, a large server network, strong protocols, useful app protections and a current transparency report with no user-data disclosure for the latest published quarter.

The balanced view is that Surfshark is not perfect and should not be described as invisible-by-default privacy. The 15-minute connection-detail language, account-data realities and newer Dausos rollout all need context. If you use the kill switch, turn on 2FA, avoid broad Bypasser exclusions and understand what a VPN cannot hide, Surfshark is a strong option for everyday safety and privacy.

Frequently asked questions

Is Surfshark safe for public Wi-Fi?

Yes, Surfshark is a sensible public Wi-Fi choice when the VPN is connected and the kill switch is enabled. The encrypted tunnel helps protect traffic from local snooping, but it does not make fake login pages or suspicious downloads safe.

Does Surfshark store browsing history?

Surfshark says it does not store the websites you visit or the content of your VPN traffic. Its privacy policy still matters because it says limited connection details can be kept briefly and then deleted within 15 minutes after a VPN session ends.

Can Surfshark hand over user data?

Any VPN provider can receive legal requests. The practical question is what data exists when a request arrives. Surfshark’s latest published transparency report says the January–March 2026 requests did not result in disclosure of user-related data.

Does Surfshark make me anonymous?

No. Surfshark can hide your real IP address from many websites and encrypt traffic between your device and the VPN server, but accounts, cookies, payment records, browser fingerprints and information you enter into websites can still identify you.

Martin Needs, cybersecurity reviewer

Author profile

Martin Needs | Director at NeedSec LTD | Cybersecurity reviewer

Martin reviews VPN safety pages by looking at practical controls rather than slogans: logging claims, infrastructure design, independent assurance work, incident handling, app-level protections and what users still need to secure themselves.