Nelnet Campus Commerce | Secure Payments for Higher Ed

Taking Payment Security to the Next Level

Nelnet Business Services President, DeeAnn Wenger, and IT Director, Mike Walters, discuss the daily measures we take to ensure your institution’s payments and data are secure.

Our Commitment to Your Security

PCI Compliance

The Payment Card Industry Data Security Standard (PCI DSS) is a global payment security standard. At Nelnet, we view it as a year-round requirement. Annually, we undergo a PCI Level 1 on-site assessment to ensure we meet the highest standard and institute controls to protect against security breaches.

P2PE Partnership

Point-to-Point Encryption (P2PE) ensures that in-person and over-the-phone card payments are as secure as possible. In partnership with Bluefin, we offer a P2PE solution that reduces PCI scope and protects your campus and cardholders from a data breach.

FERPA Compliance

The Family Educational Rights and Privacy Act (FERPA) is a federal law that protects the privacy of student education records. Nelnet’s Authorized Payer Module is fully compliant with FERPA, allowing students to securely grant access to their private account by assigning an authorized payer a unique ID and password.

Nacha Verified

In compliance with Nacha requirements, Nelnet implements security best practices for protecting bank account information. Our policies and procedures manage and mitigate fraud and risk. Annually, we complete the TPS ACH Rules Compliance Audit.

25+ years in payments

For over 25 years, we’ve offered payment solutions designed to keep your data secure while serving the unique mission and needs of higher education.

Our Commitment to Industry Standards

A dedicated team of 55+ total members supporting Nelnet Campus Commerce Cybersecurity

Continuous cloud asset scanning searches for vulnerabilities and improperly configured assets

Penetration tests conducted against the applications utilizing human and automated methods

Dedicated security operations center staffed by certified security analysts utilizing active and passive (automated) threat-hunting techniques

Application security code scans investigate the application’s code to search for vulnerabilities and best practices

Vulnerability scanning & management across all infrastructure and dedicated operations team to manage vulnerability remediation

PCI DSS 4.0, SOC 1 Type II, GDPR, & CCPA compliant in addition to periodic audits led by our dedicated internal audit team

Comprehensive employee cybersecurity & privacy training, supplemented by our Security Champions hands-on training program

ARTICLE:Top Payment Security Solutions Provider 2023

Nelnet Campus Commerce was recognized by Enterprise Security for impacting the market and being at the forefront of payment security solutions.

Enterprise Security magazine is a go-to resource where industry experts share innovative solutions and expertise. In this article, learn more about this award and Nelnet’s commitment to payment security.

Explore the Article