In a listicle world where even the trivial is quantified, judged, and graded, let’s rank something important for a change: Which web browsers are best for protecting your security and privacy?
First, we took the measure of the goliaths: Chrome, the runaway leader in market share; Internet Explorer, the former champion; Edge, the upstart heir to Explorer at Microsoft; Safari, a favored choice for Apple users; and Firefox, the only major browser that is open-source.
Let’s see how these nine browsers rank next to each other.
Finding a winner
To decide which web browser is best for security and privacy, we will evaluate them by three criteria: Weeks between version updates (1.0, 2.0, 3.0, etc.); available security features; and embedded privacy tools.
Each browser will be assigned one to five stars on each component, yielding a composite score out of 15.
9. Microsoft Internet Explorer
Before the release of Chrome, and despite loyal followings for Firefox and Safari, Microsoft’s Internet Explorer once had a near monopoly on browser market share. Now, the company is actively telling people not to use IE.
Weeks between updates: N/A – No more updates. Now that Microsoft has introduced Edge as its new browser, it plans no more major updates to Internet Explorer. Microsoft does still release security updates for its former flagship browser, but they seem rather irregular, with the last coming almost two months ago, as of this writing. Internet Explorer just isn’t Microsoft’s priority anymore. 0 stars
Security: IE’s checkered legacy will always include being one of the less secure browsers available. Currently, Internet Explorer alerts users when they are visiting a potentially malicious site or downloading something that might be harmful. The browser also has adjustable security levels that allow users to beef up their online protection and was found in one study to lead all other browsers in detecting social engineering malware. Still, these features lag far behind those of its competitors. 2.5 stars
Privacy: Like Chrome, Internet Explorer allows you to toggle pop-up blockers and send a “Do Not Track” request to both the sites you visit and the third parties whose content is featured on those sites. This request, however, does not have to be honored, and it does not guarantee your traffic will remain private. Instead, IE features a “Tracking Protection” feature that lets you subscribe to tracking protection lists. The browser will then prevent listed sites from dropping cookies into your browser. That being said, IE is also closed-source, so there’s no telling what other sorts of surveillance widgets might be packaged into the browser itself. 2 stars.
8. Microsoft Edge
Microsoft is keen to make Chromium-powered Edge its new and improved browser for Windows users. Only available for those running Windows 10, this browser has an edge on its predecessor in terms of page load speeds. But how does it improve on Internet Explorer’s security and privacy?
Weeks between version updates: 26 Microsoft Edge only seems to update twice a year, which is nowhere near as frequent as its more popular competitors. While better than Internet Explorer, in an age of advanced malware and internet attacks, update frequency can make a big difference. 2.5 stars
Security: The Edge browser runs in a sandbox, meaning that browser processes are contained. It has kept Internet Explorer’s SmartScreen Filter, which blocks suspicious sites and could harbor malicious code. Edge also limits extension support, which limits the number of potentially dangerous extensions you could accidentally download. However, like its predecessor, Edge is steadily revealing a porous security record, with the most recent exploits found earlier last year by Google. 3 stars
Privacy: Oddly enough, Edge has done without Internet Explorer’s Tracking Protection feature, which would have prevented sites from sharing your browsing information. Tracking protection is also absent in Edge’s private browsing mode. If you want to browse privately, Edge is not for you. 1.5 stars
The creator of the CSS web standard, Hakon Wium Lie, developed Opera in 1995. The browser has since adopted much of Chromium’s code into its software and is now considered one of the more popular privacy-oriented browsers.
Weeks between updates: 4-6. This Chromium-based browser lags a little in its updates, which come out every 4-6 weeks. Ideally, the updates should be implemented every 3-4 weeks to minimize exposure to vulnerabilities patched by the latest Chromium release. 4 stars
Security: Opera boasts several security features that make your browsing experience safer. From its fraud and malware protection to blocking scripts and add-ons that are unsecure, Opera provides a robust, secure browsing experience. 3 stars
Privacy: As with Chrome, Opera’s default window will cache your data, and its private one won’t—although you can tweak this in your settings to enhance in the default browser window. While Opera does provide ways to customize your privacy and security, the opt-out method of securing and privatizing your browsing experience may not be appreciated by those more comfortable with browsers that provide it by default.
More alarming, though, is the free built-in VPN that Opera bought in 2016. It’s a troubling addition to the browser, as it tracks bandwidth and logs usage, and Opera itself is owned by a company based in a country notorious for privacy violations. Browser beware. 1 star
6. Google Chrome
Ten years have passed since the launch of Google Chrome, and it has since become the undisputed leader in browser market share, at almost 80%. Given its reputation for speed and the prevalence of Google services in our lives (web search, YouTube, Gmail, Google Docs, etc.), it’s no surprise Chrome has become the most widely used web browser today. But how does it perform on the selected criteria?
Weeks between updates: 6. Chrome offers version updates regularly, at almost exactly every 42 days. This ranks rather highly among browsers, and Chrome also releases nightly builds. Chromium and newer browsers still reliant on beta testing like Brave update more frequently, albeit only with partial builds. 4 stars
Security: Google has always been known as a leader for browser security, and for good reason. In addition to leading its competitors in update frequency and scanning for harmful downloads, Google automatically updates Chrome to the latest version, ensuring its users are always enjoying the latest browsing features. Chrome boasts the highest Browserscope security test scores, and Google itself has long encouraged hackers to find vulnerabilities in its own browser so the company can identify loopholes and improve the product.
Chrome 72 also introduced a new Web Authentication API that allows users to use security keys and Trusted Platform Modules as a verification method. All said, Google’s leading position in browser security is undisputed. 4 stars
Privacy: Here’s where Chrome loses quite a few points. While the browser does offer the usual pop-up blocker and allows users to send a “Do Not Track” request along with their browser traffic (which, by the way, does very little to stop sites from tracking you), one simply cannot ignore that Chrome belongs to the company that makes millions from knowing everything about you.
From automatically signing you in to the browser to a fishy location history policy, Google seems to be developing the habit of rolling out something unpopular before reeling it back in another update. Though there are ways around this, Google is still using Chrome to learn about you and then monetizing that information.
Chrome also boasts an extensive library of browser extensions, which offer a range of additional functionalities but at the cost of reduced privacy. Furthermore, since Chrome is a closed-source browser, no one can crack it open to see what (if anything) is hidden in the code. That said, this is no problem if you trust Google’s stance on privacy, and there is also an open-sourced version of Chrome available. 1 star
5. Apple Safari
The name Safari may be foreign to most Windows users, but Apple’s own web browser was actually featured on PC until 2012, after which it became available only on Apple devices. And although Safari is the default browser for Mac, it has largely suffered the same fate that befell Internet Explorer on Windows as Chrome exploded in popularity.
Weeks between updates: 9-47. Safari updates at very irregular intervals, which is surprising given that the world’s largest technology company makes Safari. When compared with its rivals, Safari updates much more slowly.
While Mac users are arguably exposed to fewer internet vulnerabilities than PC users, the lower frequency is still troubling. Safari’s most recent update came two months after the last one, so if Apple continues to update its browser more frequently, we’ll consider adding more stars to this section. 2.5 stars
Security: Safari doesn’t upgrade often, but it does a decent job of protecting you while you use it. Safari prevents suspicious sites from loading and alerts you to the potential danger. By running web pages in a sandbox, Safari also prevents malicious code on one page from affecting the entire browser or accessing your data.
One of Safari’s newest features is a password generator and manager, meant to dissuade users from repeatedly using old, weak passwords. Safari stores these passwords, so depending on whether you share your browser with your family, you may want to keep a separate password manager independent of your browser. 4 stars
Privacy: Safari’s latest update has really polished its privacy features, from camouflaging digital fingerprinting to a new intelligent tracking protection service. The browser prevents third-party sites from leaving data in your cache by default, helping you stay anonymous online. In addition, Safari offers a range of useful extensions to safeguard your privacy. Were it not for the facts that Safari is also closed-source and that its “Do Not Track” requests do not necessarily guarantee privacy, it would have scored a perfect 5 out of 5 here. 4.5 stars
Google Chrome is open-source at its core, but comes bundled with proprietary code specific to Google’s services. The purely open-source version of Google Chrome is available as Chromium, catering to a more privacy- and open-source-conscious audience that still wants to benefit from Google’s products.
Weeks between updates: 2-3. Chromium’s stable builds update every 14-21 days, although it has nightly builds that come out, well, every single day. The big drawback for Chromium here is that it doesn’t update automatically, leaving you susceptible to bugs and vulnerabilities if you don’t set a daily alarm to update your browser. 5 stars
Security: The Chromium browser is much like an unfinished version of Chrome, but with less code required to integrate third-party apps like Flash—reducing the complexities that come with more code. As it’s open-source, Chromium users can check for themselves if vulnerabilities are patched, which cannot be said of the more polished Chrome. As mentioned above, you’ll have to manually update your browser, so you’d have to be vigilant. Be sure to download from the source—there’s a lot of malware masquerading under the Chromium name. 3.5 stars
On the bright side, Chromium gives the user more privacy than Chrome, as none of the data is sent to Google. Builds that use Chromium’s open-source code are also not subject to the company’s default data gathering. 4 stars
Weeks between updates: 8-9. Brave is still building toward v1.0 for desktop browsers, so beta builds come out more frequently than its version builds, but it still manages to beat most of the competition in this area. It is perhaps expected, as the browser is quickly evolving to become a fully formed browser by the time it reaches v1.0. 4 stars
Security: Brave’s security settings allow you to select what data you want to delete whenever you close the app, including that from HTTPS Everywhere, blocking fingerprinting attempts, and keeping scripts from loading. Brave settings provide plenty of ways to customize your browsing experience to be as secure as you want it.
In December 2018, Brave fully transitioned to the Chromium codebase, making it easier for users to carry over their Chrome extensions—though they should be wary of what data third-party extensions collect. Among the add-ons supported are password manager integrations for LastPass and 1Password. 5 stars
Privacy: Brave has several features that keep your browsing activity private, with a default ad blocker that also stops ads from tracking your online behavior, as well as a function to secure unencrypted sites with HTTPS when necessary. Brave’s new Tor tab may be private, but it falls short of Tor’s own privacy standards with a customizable window size that could be used to fingerprint your browsing.
Brave is also experimenting with its own coin, called the Basic Attention Token (or BAT), which allows users to anonymously pay publishers for their content through micro-donations and get a percentage of it back.
Brave’s ICO raised a few eyebrows, however, not least because in the brief 30 seconds the coins were available, 40% of them ended up in the hands of a very small group of people. Inevitably, this drew suspicions that large advertising agencies had snapped up the tokens, which would seem to defeat the purpose of BAT in the first place.
A Brave developer has told ExpressVPN that 300 million BAT has been placed into a User Growth Pool to distribute to Brave users monthly as free grants and referral rewards, although this in itself seems to be a work in progress. The inclusion of a cryptocurrency within a browser is certainly novel, but it looks like it will take some time before it starts functioning as intended. 4 stars
Overall: 13/15 stars
2. Mozilla Firefox
Of all the browsers featured in this ranking, Firefox is the only one that is developed by a nonprofit organization, Mozilla. The browser is well known for its customizability and has long been a favored alternative to its brethren from Google, Microsoft, and Apple. The newest version, Quantum, has been hyped to be Firefox’s most privacy-oriented update yet.
Weeks between updates: 6-10. Firefox does not update as frequently as Google Chrome, but it does at least update within a regular timeframe. Given that the Mozilla Foundation is a nonprofit, it’s impressive to see its coding volunteers constantly working to ensure Firefox is loaded with the latest security and browsing features within weeks. 4 stars
Security: Firefox offers a suite of security features that any internet user will appreciate: phishing and malware protection, blocking reported attack websites/web forgeries, and warning users when a site is trying to install add-ons. While it is still behind Chrome in this area, the difference is almost negligible. Firefox users can take solace in knowing their preferred browser is one the most secure offerings around. 4.5 stars
Privacy: Firefox is relatively lightweight, compared with its competitors. In keeping with the times, Firefox also features “Content Blocking,” allowing users to block all trackers the browser detects. Considering its vast array of add-ons, users are spoilt for choice when looking to further enhance their online privacy.
But most important, Firefox is the only widely used web browser that is open-source. Anyone can examine Firefox’s source code, making sure there are no sketchy elements (like tracking software) baked into the final product. 5 stars.
1. Tor Browser
Developed by The Tor Project in 2002, and based on Firefox’s browser, Tor Browser was built for users to access the internet anonymously via the Tor network. Your activity and identity are masked by Tor, which encrypts your traffic in at least three layers by “bouncing your communications around a distributed network of relays” selected from thousands of volunteer computers.
Weeks between updates: About 2, ranging between 5 and 21 days. Most of Tor’s updates follow Firefox’s bug fixes and security patches. The updates are incredibly important to prevent anyone from exploiting bugs and security flaws in older versions of the Tor Browser. 5 stars
Security: The Tor Browser’s privacy is aided very much by its security—no one watching your connection can track your internet activity, nor can they identify you unless you explicitly identify yourself. Additionally, Tor does not track your browsing history and clears your cookies after every session. Tor also protects users from sites that try to fingerprint browsing history with its integration of NoScript. Based on tests of unique browser fingerprinting, only Tor can reduce the uniqueness of your fingerprint.
Browsing doesn’t get much more secure than that. 5 stars
Privacy: As we mentioned in our review of the Tor Browser, the process of bouncing your data through several relays makes it incredibly difficult for anyone to trace you and your activity. It’s not completely secure, as an FBI bust on the infamous Silk Road proved, but unless you’re running a high-profile and illegal operation on the Tor network, it’s unlikely that resources will be spent tracking down your browsing habits.
Be aware that law enforcement and ISPs can see who uses Tor, even if they don’t know what you’re doing on it. For maximum security, connect to a VPN first, and then start up the browser 4 1/2 stars
- Learn more about how you can combine the two here.
The best web browser is…
Having evaluated these browsers, here’s how they rank:
9. Internet Explorer (5.5/15)
8. Microsoft Edge (7/15)
7. Opera (8/15)
6. Google Chrome (9/15)
5. Apple Safari (11/15)
4. Chromium (11.5/15)
3. Brave (13/15)
2. Firefox (13.5/15)
1. Tor Browser (14.5/15)
Of course, there are many other important factors we could’ve included, such as browser speed and customizability. But for privacy and security, Tor Browser is ExpressVPN’s pick out of these nine popular web browsers!
The last step to secure and private browsing
As we’ve seen, each of these browsers has its respective strengths and weaknesses—including potentially tracking your web traffic and selling it to third parties.
Instead of fiddling with customized browser settings, all you need to do is hit “connect,” and let our VPN safeguard your security and privacy as you enjoy the internet—from any device.