You want to protect your privacy, sure, but that can mean a lot of different things. Preventing snooping on your conversations and online activity is one possibility, as is keeping snoops from collecting your personal information. Privacy means many things, and IDX Privacy works in many ways to protect yours, up to and including help with identity theft recovery and insurance against losses from identity theft. It’s an excellent collection of identity theft prevention features. That’s what we tested here, and that’s what our 4-star rating represents. It also includes a promise of remediation if prevention fails, though we can’t test that promise, because doing so would require using actual compromised identities.
How Much Does IDX Privacy Cost?
The IDX privacy service lists for $79.95 per year or $9.95 per month, with both prices discounted for new members. LifeLock’s standard service costs a bit more, $11.95 per month or $124.99 per year at present. IDShield runs you $13.95 per month, but roughly doubling that rate gets you credit and identity theft tracking for all family members, up to 10 people.
LifeLock and IDShield focus strongly on identity theft remediation, while IDX Privacy branches out more, with VPN protection, ad and tracker blocking, and social media monitoring, among other things. Like IDX Privacy, Abine Blur Premium gathers a collection of varied privacy protections, though there’s not a lot of overlap between the two. Blur costs $39 per year. Also from Abine, DeleteMe aims to erase your personal information from public data aggregators, much like the Forget Me component of IDX Privacy. At $129 per year, DeleteMe is rather more expensive.
Getting Started With IDX Privacy
Signing up for IDX Privacy is simple. After confirming your email, a welcome screen describes four important features of the service. It watches 24/7 for threats to your private information. Its Password Detective lets you check to see whether any of your passwords have been compromised. IDX offers a 100% recovery guarantee if you’re a victim of identity theft. And a million-dollar insurance policy will cover financial losses from identity theft. Agree to the terms of service and you’re ready to start.
This service does a lot, so it offers newbies a tour of the most important features. You can skip the tour and dive right in, if you prefer. And the tour is available later in case you change your mind.
Privacy Online
When you log in to IDX Privacy, the first thing you’ll see is your IDX score. This will change as you make use of the various privacy protection components. Scroll down this window to view and interact with the various components. These are: Forget Me Personal Data Removal; Tracking Blocker; Private Search; SocialSentry; CyberScan; Password Detective; and Safe WiFi. I’ll discuss each of these in detail below.
On the Dashboard tab you get a list of alerts and active services. I found out by experience that right after you start with IDX Privacy you’re likely to get a lot of alerts.
The Account Information tab is the spot to fill in some simple personal information. This is also where you change your associated email, set a new password, or enable two-factor authentication. To set up two-factor, you snap a QR code with Google Authenticator or an equivalent authentication app. Thereafter, you’ll need both your password and an authentication code to log in.
On the final tab, Data Center, you enter all the personal, financial, and medical information that you want IDX Privacy’s CyberScan to track. This is separate from the personal information on the account page.
Adding personal information is just a tad awkward. You click a button to add new data, click to choose the type of data (Driver License, Email Address, Passport, Phone Number, or Social Security Number), click the Select button, enter the data, enter a label for the data, and click Submit. Whew!
You can only enter one Driver License or SSN. For the other personal data types, you get 10 entries. You can enter five credit card or bank accounts under Financial Data and 10 medical IDs under Medical Data.
The similar Dark Web Monitoring feature in Norton 360 Deluxe is a bit more generous. It will track one driver license and mother’s maiden name, 10 bank accounts and credit cards, and five apiece of phone numbers, addresses, insurance IDs, and email addresses.
As soon as you’ve entered data here, IDX Privacy starts checking data breach dumps and other dark web sources for signs that your data has been compromised. Clicking the red warning icon next to an item found on the dark web gets you a detailed report on what happened.
Forget Me Personal Data Remover
The Dark Web isn’t the only place your personal data might be found online. There are tons of legitimate websites whose business is to find and aggregate publicly available personal data. Since they’re legit, they’re required to let people opt out of having their data sifted and sold. IDX Privacy automates the opt-out process for dozens of such sites.
Getting started is simple. You just enter your name, address, and birthdate and launch a scan. When I used an address that was mine for 25 years, the scan found almost 50 instances of personal data, on sites from phonebooks.com to verifyarrestwarrant.com, and immediately started the removal process.
While the scan is quick, removal is not. On the main IDX Privacy page, you can see how many removals are in progress and how many are complete. Clicking either lists the sites involved, but the Removals Completed list includes a disclaimer that the process can take anywhere from two weeks to several months to finish. Note too that a glitch in reporting means that the sum of removals in progress and removals completed may not add up to the total number that was initially displayed. A fix is in the works.
By default, IDX Privacy repeats this removal step every month. That’s important, because while opting out removes data currently present in the aggregator’s database, it can’t prevent the site from capturing your data again. If you want to control this process manually, just click Stop Auto-Removal.
This service is nearly identical to what you get with a subscription to Abine DeleteMe. The stated reason that DeleteMe costs so much more is that the opt-out process for some of the covered sites requires human intervention. According to my IDX contact, IDX Privacy doesn’t require any human intervention, which saves substantial costs. “Many of these websites have unique obscure multi-step opt-out processes,” he noted, “and we found a way to reduce this complex process down to a single button click.”
Tracking Blocker
To you, the internet is a service and a source of information and amusement. To internet advertisers, you are a product. The more they know about you and your online habits, the more valuable a product you become. To maximize your value as a commodity, advertisers do their best to track your habits and interests as you surf the web.
If that sounds creepy, you could set your browser to automatically send the official “Do Not Track” header with every interaction. Nice idea, but trackers are free to ignore that toothless header. Truly foiling trackers requires an active Do Not Track system, like this suite’s Tracker Blocker.
This is a common feature for security suites and for feature-rich antivirus tools. Bitdefender Antivirus Plus and Kaspersky Internet Security come to mind. Privacy tools such as Abine Blur and Ghostery Midnight also block trackers.
Most security companies put no limits on their tracker blocking extension. Some even make this feature available separately, as a free download. IDX Privacy differs from most in that it puts limits on the use of its Tracker Blocker. You can install it on three devices, period, and activation requires a registration key provided in the online console. The extension supports Chrome and Edge, where others frequently extend support to Firefox, Internet Explorer, and even Opera. Note, too, that after installation you must actively turn on the Tracker Blocker and its associated Ad Blocker.
When you visit a web page that contains trackers, the extension overlays the number of found trackers on its Toolbar button. Clicking the button gets you a collection of statistics, but all you really see are how many trackers it blocked in various situations. You can’t get a list of the actual trackers, and you can’t exempt specific ones from blocking, the way you can with many competing tools. However, you can exempt specific pages from blocking.
Likewise, the Ad Blocker page shows you stats about the number of ads blocked, but no details about what was blocked. Most ad blockers give you more detail, though ShieldApps Cyber Privacy Suite has limits similar to this product.
Private Search
The biggest tech companies pretty much know everything about your life. They can scrape data from every online interaction, every purchase, every tweet, and more. And each time you use one of the major search engines, you’re feeding them more information about your interests. That’s why privacy mavens eschew the big names and use search engines that promise not to sell or otherwise use your data.
With IDX Privacy, starting a private search is as simple as scrolling down, entering your search terms, and clicking Search Privately. When you do, though, you’ll get a little surprise. The results come not from IDX but from popular private search site DuckDuckGo. You may find it more convenient to just go straight to DuckDuckGo and launch your searches.
Social Media Sentry
For some of us, half the fun of a life event occurs when we share that event on social media. The social media giants in turn hoover up what we share so they can better profile us. There are some things everyone should do to make these sites, especially Facebook, more private, starting with ensuring that your posts aren’t visible to the general public.
For other social sites, you may want everyone to see what you’re posting. Twitter would have little impact if only friends could see your tweets. The original point of LinkedIn was to connect with people you don’t already know. And so on. Even so, your profiles on these sites can be abused.
Enter IDX’s SocialSentry. To get started, you give this component permission to access your Facebook, Twitter, Instagram, LinkedIn, and YouTube accounts. I found it mildly ironic that in order to get protection on Facebook, I had to lift the restriction on third-party apps and games, a restriction that I put in place to enhance my privacy. My contact at IDX pointed out that the average Facebook user doesn’t disable that sharing platform, and he’s probably right.
As part of the setup process, you provide your name and any nicknames you use on social media. When you go through the process of connecting with your social sites, you’ll see that this protection comes from third-party ZeroFox.
Once I hooked up SocialSentry, I started to get plenty of notifications on many topics, all of which proved to be spurious. A tweet using the phrase “malware on steroids” got flagged for drugs. IDX flagged a mention of the VPN product Hide My Ass (now called HMA) as “foul, coarse, or expletive language.” It flagged Facebook post that mentioned Law & Order creator Dick Wolf as sexually explicit. And so on.
This plethora of false positives is exacerbated by the way IDX Privacy presents notifications. You see a long list with the reason, the social site, and the date for each alert. But you must open each one individually to see just what triggered the notification, and manually click to archive those that aren’t relevant. Do make the effort to plow through the initial storm of alerts. Once you’ve done that, you can give proper attention to future alerts.
CyberScan Alerts
Shortly after signing up for the service, you filled in a collection of personal, financial, and medical information. That’s all you have to do; the rest is up to IDX Privacy.
The service continuously scans the Dark Web, breach data dumps, and other sites that shouldn’t have your private information. If it finds a problem, it alerts you via email and also by notification within the online console. Chances are good you’ll get an initial flood of notifications. If you’re serious about protecting your identity, you’ll review these carefully.
Just what to do about compromised privacy depends on the type of data. The only thing to do with a compromised credit card is to notify the issuer, close the account, and get a new one. If one of your emails showed up in data from a breached site, either cancel your account on that site or change the password.
Note that you may also get a notification when the search completes without finding any exposure for a critical data item like your medical ID. After you’ve dealt with an alert, you can archive it, so it’ll be easier to concentrate on new alerts.
Password Detective
If you’re using a password manager to remember strong, unique passwords for every site, congratulations! If you’re trying to remember those passwords yourself, or if you use the same password everywhere, you don’t want to use anything that’s been exposed in a breach. And even a password like N2bxPDN6$!a3ujo6 can be exposed if it’s used on a site with poor security. That’s where Password Detective comes in.
Enlisting this detective’s services is simple enough; just enter a password that you’re using (or thinking of using) and click Check. You’ll instantly learn whether that password has been compromised.
IDX Privacy doesn’t wildly send your unprotected password off for analysis. Rather, it puts the password through a kind of one-way encryption called a hash algorithm. The same input always gives the same output, but it’s not reversible. In the cloud, it checks that hash against the hashes of billions of compromised passwords. If there’s a match, there’s a problem.
According to my IDX contact, this feature gets quite a bit of use; they average three password checks per user per month. More importantly, 80% of checked passwords turn out to be present in the database of compromised credentials. No more using 123456 or baseball as your password!
Safe WiFi VPN
With antivirus and other security utilities installed, your local PC can be pretty safe. However, as soon as you send data over the internet, all bets are off. To protect your data and activities as you surf the web, you need a Virtual Private Network, or VPN. And IDX Privacy gives you one, in the form of its Safe WiFi component.
Like the Tracker Blocker, Safe WiFi requires a separate installation. Or rather, three separate installations, as you can install it on three macOS or Windows devices. You’ll find a license key to activate it in the online console. By observation, the VPN technology comes from Private Communications Corp., publisher of the Private WiFi VPN utility.
PCMag has tested dozens and dozens of VPNs; alas, Private WiFi is not among them. By observation, it’s a simple, straightforward utility. A list of over two dozen server locations runs down the left side, a dozen of them US states and the rest foreign countries. Most of the latter are in Europe, though India and South Korea appear in the mix. The list’s order seemed peculiar until I realized it was sorted by distance from my current location.
Using the VPN is a simple matter of choosing a state or country and clicking the big Connect button. There’s no option to choose servers within a location, and therefore no information like which servers have the least latency. You also don’t find any servers optimized for specialized tasks such as video streaming or Torrenting.
I ran a simple IP geolocation test to verify that the test computer appeared to be in the country I selected—it did. A DNS Leak Test confirmed that the VPN wasn’t leaking data by using unprotected DNS servers.
And…that’s about it for this simple VPN. It doesn’t offer a kill switch to disable internet connectivity if the VPN connection fails. You can’t set it to automatically spring into action when you connect with an untrusted network. There’s no option for split-tunneling (meaning that some apps connect without going through the VPN).
By default, the VPN launches at system startup; you can configure it for manual launch. I’d be happier with an option to launch and connect at startup. As it is, you’ll have to remember to connect. You’ll also have to choose your preferred server location each time, as it doesn’t remember your last choice.
Also by default, it doesn’t exit and disconnect when you close its window. I don’t know why you’d do so, but you can reverse that setting. That’s it for settings, other than an interface language choice of English, French, Spanish German, or Japanese.
Don’t get me wrong; simplicity in a VPN can be a good thing, especially for less technical users. If you remember to connect with the topmost (meaning closest) server location each time your system starts, that’s a serious boost to your privacy.
Identity Theft Recovery
That’s it for the visible privacy protection components of IDX Privacy. The identity theft remediation service doesn’t have a visible presence, other than a button marked Request Help. The recovery process starts when you click that button or respond to a credit alert by marking it suspicious. As mentioned, I couldn’t test this part of the service, not without getting my own identity stolen, but I went over the process in detail with a company representative so that I could at least walk readers through what’s offered.
Once a case is created, a recovery intake team interviews you, the victim, to get all necessary details. Once that identity theft is verified, they set up a limited power of attorney, which allows IDX to handle “correspondence with entities including, but not limited to law enforcement agencies, credit bureaus, and state and local governments.” At that point, you sit back and let the experts do their jobs. The process can take from several weeks to nearly a year, and it doesn’t end until the member’s identity is “restored to pre-breach condition”.
Identity theft can be expensive. Thieves can directly steal money from your accounts, cause you to miss work, and even require you to take time and money for legal action. The million dollar insurance touted by IDX Privacy can help here. Per my company contact, “The expenses covered during the recovery process include lost wages, stolen funds (under certain conditions), and legal defense fees and expenses (e.g., credit reports, legal fees for some civil suits, fees for refiling loan applications, etc.) associated with the identity theft event.”
As with other identity theft remediation services, we can’t actively test the recovery process or see the insurance in action. In addition to testing the remediation, we’d want to be able to prove how quickly it pays out in practice, and to see firsthand what caveats might or might not apply to the $1 million insurance. All of you who have ever struggled with a payment from an insurance company are doubtless nodding your heads as you read this. That said, the services offered certainly sound like what you’d need and want after an identity theft event.
Protect Your Identity
The thing about insurance is, you really don’t want to have to use it. It’s better to just not have a car crash than to have a crash and let insurance pay to fix it. Likewise, it’s better not to experience identity theft in the first place. That’s why IDX Privacy offers its collection of privacy-enhancing services, along with remediation. If you respond to alerts about suspicious activities, you can head off attacks before they begin. Checking your social media for problems likewise can rebuff attempts to profile you. And using a VPN applies overall privacy protection to your online activities.
As noted earlier, there are many different facets to protecting your privacy. Products in the privacy arena may not share a single feature, so comparisons are difficult. We’ve named two very different products Editors’ Choice winners in this realm. Abine Blur lets you shop online without exposing your email, credit card, or phone, with a wealth of bonus features including a password manager and active Do Not Track. Preveil lets you easily protect every email message with encryption, and it doesn’t cost a cent.