Ranked: Security and privacy for the most popular web browsers (updated for 2018)



Let’s face it: Human beings love to compare. Our insistence to quantify, judge, and rank everything under the sun has resulted in lists covering everything from the best universities to the worst Adam Sandler movies (which you can easily stream, should you dare).

Clearly, some rankings are more important than others. So how about a security and privacy ranking for the four most popular web browsers? With the average time spent on the internet ballooning year after year, it is natural to wonder which of the biggest web browsers give us the best online security and privacy. Well, fret not, because that’s exactly what we’re all here to find out.

The nine contestants

First, we take the measure of the four goliaths: Chrome and Internet Explorer, each having been, at some time, the leader in browser market share, and Safari and Firefox, the former being a favored choice for Apple users and the latter being the only major browser that is open source.

Next we dig a little deeper at the less popular but nonetheless powerful browsers that claim to prioritize your security and privacy. We cover Brave, EPIC Privacy Browser, Chromium, Opera, and Tor Browser.

Let’s see how these nine browsers rank next to each other.

Finding a winner: Counting stars

To decide which web browser is best in terms of security and privacy, each will be evaluated in three key areas: number of days between updates, an evaluation of the browser’s security features, and an evaluation of its privacy tools. Each browser will be graded (out of five stars) in each of the three areas, ultimately yielding a composite score out of 15.

Google Chrome

Security and Privacy review of Chrome 2018Chrome was launched in 2008 and is the current leader in browser market share. Given the browser’s reputation for speed and the prevalence of Google services in our lives (web search, YouTube, Gmail, Google Docs, etc.), it’s no surprise Chrome has quickly overtaken Internet Explorer to become the most widely used web browser today. So how does it perform on the selected criteria?

Number of days between updates: 42. Chrome is a little sluggish here, with each update taking approximately six weeks to roll out.  While Chrome does come out with full updates rather than partial ones, the frequency of its updates lags behind Firefox and even Internet Explorer. And that, in an age of patching responses to advanced malware and internet attacks, can make a big difference.3-star

Security: Google has always been known as a leader for browser security, and for good reason. In addition to leading its competitors in update frequency and scanning for harmful downloads, Google also automatically updates Chrome to the latest version, ensuring its users are always enjoying the latest security improvements and browsing features. Chrome also boasts the highest Browserscope security test scores, and Google has long encouraged hackers to find vulnerabilities in its own browser so its engineers can identify loopholes and improve the product. All said, Google’s leading position in browser security is undisputed. 5-star

Privacy: Here’s where Chrome has to be docked a few points. While the browser does offer the usual pop-up blocker and allows users to send a “Do Not Track” request along with their browser traffic, one simply cannot ignore that Chrome belongs to the company that makes millions from knowing everything about you. And although there are ways around this, it doesn’t change the fact that Google is using Chrome to learn about you and then monetizing that information. Chrome also boasts an extensive library of browser extensions, which offer a range of additional functionalities but at the cost of reduced privacy. Furthermore, since Chrome is a closed-source browser, it means we cannot crack it open to see what (if anything) is hidden in the code. That said, this is no problem if you trust Google’s stance on privacy, and there is also an open-sourced version of Chrome available.2-star

Overall: 10/15

Microsoft Internet Explorer

Security and Privacy Review of Internet Explorer 2018Before the release of Chrome, Microsoft’s Internet Explorer had a commanding share of the browser market. Nowadays, IE and Microsoft’s newest browser, Edge, have taken a back seat to their rivals. There is still a sizable user base for Internet Explorer—at least for the purposes of downloading another web browser on a new PC.

Number of days between updates: 30. A monthly update puts Microsoft’s IE a little behind its competition. Its touted replacement, Edge, only had two updates in 2017. If Microsoft wants to get an edge (heh) on the competition with its newest browser, it would do well to at least provide regular updates to patch against internet attacks.3-star

Security: While it has made large strides to improve its security features, IE’s checkered legacy will always include being one of the less secure browsers available. Currently, Internet Explorer alerts users when they are potentially visiting a malicious site or downloading something harmful. The browser also has adjustable security levels that allow users to beef up their online protection and was found in one study to lead all other browsers in detecting social engineering malware. Still, both browsers have yet to rise above and lead their competitors in terms of security.3-star

Privacy: Like Chrome, Internet Explorer allows you to toggle pop-up blockers and send a “Do Not Track” request to both the sites you visit and the third parties whose content is featured on those sites. However, doing so does not guarantee your traffic will remain private. Instead, IE features a “Tracking Protection” feature that lets you subscribe to tracking protection lists. The browser will then prevent listed sites from dropping cookies onto your browser. That being said, IE is also a closed-source browser, so there’s no telling what other sorts of surveillance widgets might be packaged into the browser itself.4-star

Overall: 10/15

Apple Safari


The name Safari may be foreign to most Windows users, but Apple’s own web browser was actually featured on PC until 2012, after which it became available only on Apple devices. And although Safari is the default browser for Mac, it has largely suffered the same fate that befell Internet Explorer on Windows as Chrome exploded in popularity.

Number of days between updates: 54. At close to two months, Safari is almost dead last for update frequency. This is quite surprising given that the world’s largest technology company makes Safari. When compared with its rivals, Safari updates at a rate that is slower by more than three(!) times. Since Mac users are exposed to fewer internet vulnerabilities than PC users, the lower frequency is understandable but still troubling.1-star

Security: Although Safari doesn’t upgrade often, it does a good job of protecting you while you use it. Safari prevents suspicious sites from loading and alerts you to the potential danger. By running web pages in separate processes, Safari prevents malicious code on one page from affecting the entire browser or accessing your data.4-star

Privacy: Safari also does quite well regarding maintaining your online privacy. Like its peers, users can tell Safari to send a “Do Not Track” request along with their browsing traffic. The browser also prevents third-party sites from leaving data in your cache by default, helping you stay anonymous online. In addition, Safari offers a range of useful extensions to safeguard your privacy. Were it not for the facts that Safari is also closed-source and that its “Do Not Track” requests do not necessarily guarantee privacy, it would have scored a perfect 5 out of 5 here.4-star

Overall: 9/15

Mozilla Firefox

Security and Privacy Review of Firefox 2018

Of all the browsers featured in this ranking, Firefox is the only one that is developed by a nonprofit organization. The browser is well known for its customizability and has long been a favored alternative to its brethren from Google, Microsoft, and Apple.

Number of days between updates: 7-14. Firefox updates every one to two weeks, one of the highest frequencies for the browsers in this ranking. The Mozilla Foundation and its thousands of coding volunteers are constantly working to ensure Firefox is loaded with the latest security and browsing features.5-star

Security: Firefox offers a suite of security features that any internet user will appreciate: phishing and malware protection, blocking reported attack websites/web forgeries, and warning users when a site is trying to install add-ons. While it is still a step behind Chrome in this area, the difference is almost negligible. Firefox users can take solace in knowing their preferred browser is one the most secure offerings around.4-star

Privacy: Firefox was the first browser to introduce the “Do Not Track” feature. A revolutionary feature when first introduced, this is now standard across major web browsers and still requires ad networks to honor the user’s wishes to not be tracked. In keeping with the times, Firefox now also features “Tracking Protection,” allowing users to subscribe to tracking protection lists and protect themselves against cookie-dumping by third parties. When combined with its vast array of add-ons, Firefox leaves users spoilt for choice when looking to enhance their online privacy. But most important, Firefox is the only major web browser that is open-source. This means anyone can examine Firefox’s code, making sure there are no sketchy elements baked into the final product.5-star

Overall: 14/15


chromium browser star rating

Google Chrome is open-source at its core, but comes bundled with proprietary code specific to Google’s services. The purely open-source version of Google Chrome is available as Chromium, catering to a more privacy- and open-source-conscious audience that still wants to benefit from Google’s products.

Number of days between updates: <1. The frequency of updates is unbeatable, with a new one coming out every single day. The only drawback here is that Chromium doesn’t update automatically, meaning you’ll have to update each time manually, leaving you susceptible to bugs and vulnerabilities if you don’t do it frequently.5-star

Security: The Chromium browser is much like an unfinished version of Chrome, but with less code required to integrate third-party apps like Flash—reducing the complexities that come with more code. As it’s open-source, Chromium users can check for themselves if vulnerabilities are patched, which cannot be said of the more polished Chrome.4-star

Privacy: Unfortunately, this is where the browser stumbles. Neither Chrome nor Chromium allows you to disable WebRTC, which leaves users vulnerable to WebRTC leaks—although you can patch this problem with the WebRTC Leak Prevent add-on, or a VPN.

Furthermore, as Chromium falls under the same family of Google products, it also falls in line with Google’s privacy policy, which states:

“We use the information we collect from all of our services to provide, maintain, protect and improve them, to develop new ones, and to protect Google and our users. We also use this information to offer you tailored content—like giving you more relevant search results and ads.” (Boldened for emphasis)

Now, while Chromium does not send data to Google, Chromium still falls under this umbrella of services, leading some to suspect that it may be collecting data to send to Google.

While this particular browser is linked to Google, builds that use Chromium’s open-source code are not owned by Google, and therefore not subjected to the company’s default data gathering.

It’s important to note here that while the Chromium browser from Google could well track your activity, there are Chromium-based browsers, such as Opera, which do not send usage data to Google. 3-star

Overall: 11/15 


brave browser star rating

A relatively new contender to the browser market, Brave was founded by Brenden Eich, the former Mozilla head who also created JavaScript, in 2016. While a relatively new web browser, Brave packs quite a punch in its fast-performing, privacy-focused, and minimalistic design.

Number of days between updates: Approximately 14. Brave updates come out at an average of once every two weeks. The updates can range from a few days for the Android version to two months for the iOS version. As of writing this post, the last stable release for iOS was December 13, 2017. If Brave can bring down the number of days between iOS releases, then we’ll update this section to five stars.

Security: Brave’s security settings allow you to select what data you want to delete whenever you close the app, including that from HTTPS Everywhere, blocking fingerprinting attempts, and scripts from loading. Brave settings provide plenty of ways to customize your browsing experience to be as secure as you want it to be.

The browser does not support many third-party extensions, which may annoy users who want to keep using their extensions from Chrome, but it ensures that no malicious third-party apps and extensions compromise the user’s security. Among the few add-ons supported: password manager integration for LastPass and 1Password.5-star

Privacy: Brave has several features that keep your browsing activity private, with a default ad blocker that also stops ads from tracking your online behavior, as well as a function to secure unencrypted sites with HTTPS when necessary. Brave’s upcoming private tabs, akin to Chrome’s incognito, will use Tor, ensuring no unsecure connections occur on the browser.

Brave is also experimenting with its own coin, called the Basic Attention Token (or BAT), which allows users to anonymously pay publishers for their content through micro-donations and get a percentage of it back. Brave’s ICO raised a few eyebrows, however, not least because in the brief 30 seconds the coins were available, 40% of them ended up in the hands of a very small group of people. Inevitably, this drew suspicions that large advertising agencies had snapped up the tokens, which would seem to defeat the purpose of BAT in the first place.4-star

Overall: 13.5/15 stars

EPIC Privacy Browser

epic browser star rating

Created by the Electronic Privacy Information Center, the EPIC Privacy Browser was developed in 2010 by Hidden Reflex, a software company based in India, with the intent of creating a browser that is always in “private browsing mode.” Customized for Indian users with support for 12 Indian languages and bundled with its own search engine, EPIC browser is very popular in India.

Number of days between updates: 60. Considering that the browser is Chromium-based, a code that is updated daily, it’s worrying that EPIC updates are released far less frequently. As of this writing, the last stable release was over two months ago, on November 27, 2017.2-star

Security: 3.5 stars

Long update delays leave the browser vulnerable to security flaws and bugs that are resolved in newer Chromium builds. The integrated search tool, epicsearch.in, deletes all search queries and data every few minutes, though it does sometimes share your IP address to get geographically relevant search results.

Privacy: 3.5 stars

EPIC makes good on its promise with constant private browsing and by removing cookies, cache, and browsing history every time you exit. The default Do Not Track feature makes your browsing secure, and it disables third-party cookies and autofill features.

The browser also has a built-in encrypted proxy service, which helps mask your IP address, but it does not have a kill switch, which means your IP address could leak if the proxy fails to connect.

Overall: 9/15 stars


opera browser star rating

The creator of the CSS web standard, Hakon Wium Lie, developed Opera in 1995. The browser has since adopted much of Chromium’s code into its software and is now considered one of the more popular privacy-oriented browsers.

Number of days between updates: 30-42 days. While quicker than EPIC, this Chromium-based browser also lags a little in its updates, which come out every 4-6 weeks. Ideally, the updates should be implemented every 1-2 weeks to minimize exposure to vulnerabilities patched by the latest Chromium release.

Security: Opera boasts several security features that make your browsing experience safer. From its fraud and malware protection to blocking scripts and add-ons that are unsecure, Opera provides a robust, secure browsing experience.3-star

Privacy: Like with Chrome, Opera’s default window will cache your data, and its private one won’t—although you can tweak this in your settings to enhance in the default browser window. While Opera does provide ways to customize your privacy and security, the opt-out method of securing and privatizing your browsing experience may not be appreciated by those more comfortable with browsers that provide it by default.

More alarming, though, is the free built-in VPN that Opera bought in 2016. It’s a troubling addition to the browser as it tracks bandwidth and usage logs, and Opera itself is owned by a company based in a country notorious for privacy violations. Browser beware.2-star

Overall: 8.5/15 stars

Tor Browser

tor browser rating

Developed by The Tor Project in 2002, and based on Firefox’s browser, Tor Browser was built for users to access the internet anonymously via the Tor network. Your activity and identity are masked by Tor, which encrypts your traffic in at least three layers by “bouncing your communications around a distributed network of relays” selected from thousands of volunteer computers.

Number of days between updates: Average of 14, ranging between 5 and 21. Most of Tor’s updates follow Firefox’s bug fixes and security patches. The updates are incredibly important to prevent anyone from exploiting bugs and security flaws in older versions of the Tor Browser.5-star

Security: The Tor browser’s privacy is aided very much by its security—no one watching your connection can track your internet activity, nor can they identify you unless you explicitly identify yourself. Additionally, Tor does not keep track of your browsing history and clears your cookies after every session. Tor also successfully protects its users from sites that try to fingerprint your browsing history with its integration of NoScript. Based on tests of unique browser fingerprinting, only Tor can reduce the uniqueness of your fingerprint.

Browsing doesn’t get much more secure than that.5-star

Privacy: As we mentioned in our review of the Tor Browser, the process of bouncing your data through several relays makes it incredibly difficult for anyone to trace you and your activity. It’s not completely secure, as an FBI bust on the infamous Silk Road proved, but unless you’re running a high-profile and illegal operation on the Tor network, it’s unlikely that resources will be spent tracking down your browsing habits.

Be aware that law enforcement and ISPs can see who uses Tor, even if they don’t know what you’re doing on it. For maximum security, connect to a VPN first, and then start up the browser.

  • Learn more about how you can combine the two here.

Overall: 14.5/15 stars

And the best web browser is…

Having evaluated these browsers, here’s how they rank:

9. Opera (8.5/15)
8. EPIC Privacy Browser (9/15)
8. Apple Safari (9/15)
6. Internet Explorer (10/15)
6. Google Chrome (10/15)
4. Chromium (11/15)
3. Brave (13.5/15)
2. Firefox (14/15)
1. Tor Browser (14.5/15)

Of course, there are many other important factors we could’ve included, such as browser speed and customizability. But for privacy and security, Tor Browser is ExpressVPN’s pick out of these nine popular web browsers!

The last step to secure and private browsing

As we’ve seen, each of these browsers has its respective strengths and weaknesses—including potentially tracking your web traffic and selling it to third parties.

And try as they might to give you a secure and private browser experience, the only way to protect all of your device traffic (from your ISP, for instance) is to use a VPN.

Instead of fiddling with customized browser settings, all you need to do is hit “connect,” and let our VPN safeguard your security and privacy as you enjoy the internet—from any device.

Caleb enjoys reading technology news, playing football, and consuming unwholesome amounts of steak. Preferably at the same time.