Multi-Factor Authentication Helps Prevent Cyber-Attacks

In Brief:

  • With the world shifting to living, learning, working, communicating, and simply existing online – security and multi-factor authentication have never been more critical in ensuring data is safe

  • Multi-factor authentication has recently been added to the Nelnet Campus Commerce Refund solution to add another layer of protection in keeping students’ information secure

  • Nelnet Business Services IT manager provides institutions with a cyber-safety list that can be distributed to students to ensure the best cyber practices are being taken

Blog Post

Block most compromised attacks with MFA

Multi-factor authentication (MFA) is becoming increasingly important as the world shifts to living, learning, and working online. With an increasing amount of individuals simply existing online, cybercrime is increasing as well.  Cybersecurity Ventures stated cybercrime damages will cost the world $6 trillion annually by 2021, up 3 trillion in the last five years. Adding layers of security to cyber accounts is critical – keeping data safe now and in the future.

MFA is a valid and secure way to protect digital accounts and information. An individual wanting to access a website or application must present two or more pieces of proof that they are who they say they are when MFA is required. When single authentication is the only thing in place, it is extremely easy for the cyber-criminal to obtain access and then continue doing what was planned because they appear as a legitimate user. MFA doesn’t allow the threat to obtain access in the first place by requiring users to provide two forms of identity. Just like we protect our physical items, such as a house, by locking the door and having security alarms, it’s equally as important to secure our digital items and information.

Jennifer Tobey, Nelnet Campus Commerce refund product owner, said MFA is an extremely important feature because cybercriminal attacks and hackers are increasing with the rise of people remotely working and learning.

“Adding another layer of security during these times is important to keep student data safe,” Tobey said.

MFA and Nelnet Campus Commerce Refunds

Nelnet Campus Commerce Refunds have recently implemented multi-factor authentication – taking our security to the next level. There are three types of MFA that can be used to securely protect a user and their personal, cyber information. Three types of MFA are:

  1. Something you know (a password)
  2. Something you have (a cell phone and having a code sent to it)
  3. Something you are (biometrics, finger prints, or facial recognition)

Aaron Hall, Nelnet Business Services IT manager, said MFA creates an extra hurdle for any would be cyber-criminal and makes it that much harder for them to commit fraud.

“Even if a student’s password is compromised or they fail to log out of a shared computer, an unscrupulous actor cannot hijack their payment information without having physical access to the other factors of authentication besides the password,” Hall said.

With our refund solution, students have the option of receiving their one time, identity confirmation code via their phone using SMS or through email. We prefer students use SMS because many times a student’s login at their institution is tide to their email. If an email gets compromised, it becomes an inadequate option for MFA.

Hall said it is vitally important that we send the refund to the person the institution intended and no-one else.

“If a profile was to be compromised, a cyber-criminal could direct a refund to their own bank account instead of the students,” Hall said. “Multi-factor authentication makes it so much harder for this to occur, since in nearly all cases the criminal doesn’t have physical access to the student’s cell phone.”

Cyber-safety list for students

The best protection is MFA, but other steps can be taken to ensure digital data security as well. Hall provided five things students can do to steer clear of cyber-attacks. Sharing this cyber-safety list with your students will decrease the chances of your institution having to deal with cyber-threats.

  1. Make sure passwords are sufficiently complex using letters, numbers, and special characters
  2. Consider changing passwords on a recurring basis
  3. Avoid using shared computers for anything financially related
  4. If using a shared computer, make sure to log out of all sites and close the browser when you are done
  5. Avoid publicly open Wi-Fi networks, as they are easy opportunities for cybercriminals to intercept your data

To request more information about security and compliance, visit

Author: Nelnet Campus Commerce

View all posts by Nelnet Campus Commerce