Hi
Non IT savvy guy here.
I had to ask work IT guy to help me to connect my iPhone to the work wifi because it was not connecting. Turns out Nordvpn which I had recently installed was causing the problem and when I paused it I could connect.
The IT guy said I wouldn’t be using a VPN on you your personal mobile as it puts your data at risk, unless you absolutely trust the service.
Is this a risk? Should I not be using this on my phone??
Thanks yea makes sense. It’s just the privacy and banking info that is the issues. Cheers
No problems here I always run NORD on my phone, mostly to get around geoblocking. Occasionally it needs a restart but otherwise it fine.
"The IT guy said I wouldn’t be using a VPN on you your personal mobile as it puts your data at risk."
Did he elaborate as to why? I thought the whole point on having a VPN was to help with online anonymity (as much as possible anyway).
Anonymity isn't the same thing as security. Essentially Nord now has visibility over all your traffic with a localised app on your phone with pretty heavy permissions. Thus why trusting them is important, in theory they could launch a man in the middle attack. In reality they likely never would because it would completely ruin their business model.
I turn off my VPN whenever I do things like banking, because I don't really need to be anonymous. If my ISP or the government sees I'm transacting with the bank, cool, it's a thing I regularly do. That session with the bank is still encrypted and it's extremely unlikely my ISP will do anything beyond cart that data around. It's actually a good thing if the bank knows I'm connecting from a regular location/IP address, it's less likely to raise any red flags on the transaction (I noticed this when bidding on houses, increasing my daily transaction limit from home worked fine with my regular login, from auction sites I usually had to call in and verify).
The cheaper VPN providers usually just give you an illusion of privacy, i.e. they might retain / log and sell your data, give it over to authorities when asked and if they're located in jurisdictions where officials often raid VPN providers with a search warrant, you might expect your data to end up in the hands of some foreign government
You may also recall India requiring VPN's operating there to collect and turn over user data (including their real IP address, their name, email, telephone, purpose of using that service, and "ownership patterns" in an effort to unmask cybercriminals. In Western regions like the EU that would be considered a massive invasion of privacy, but privacy isn't really as valued in some countries. So that's an example where your data might be given to someone else, although somewhat involuntarily and probably not the fault of the VPN provider.
These VPN companies always advertise it as a tool for privacy and it really depends on if you are willing to take their word for it. Using a larger vpn like Nord shouldn't be a massive issue and it's unlikely anyone will ever know what traffic is going through the vpn (unless its nord themselves or govt could request it). But you should never do anything highly illegal