Zero-Trust Payment Infrastructures: A GenAI-Driven Threat Detection Mesh for Digital Wallet Ecosystems
DOI:
https://doi.org/10.15662/IJRAI.2024.0701003Keywords:
Digital Payments Security, Generative AI (GenAI), Zero-Trust Architecture, Cybersecurity Mesh, Federated Learning, Anomaly Detection, Digital Wallets / Mobile Payments, Real-Time Fraud Detection, Explainable AI (XAI), Regulatory ComplianceAbstract
The rapid proliferation of digital wallets, embedded payment services, and decentralized financial systems has amplified the threat landscape across real-time financial networks. Traditional rule-based fraud detection systems are no longer sufficient to counter increasingly complex, distributed, and adversarial cyber threats. This paper introduces a GenAI-powered cybersecurity mesh architecture designed to enforce Zero-Trust principles within digital payment ecosystems. The proposed system integrates transformer-driven threat intelligence with federated anomaly detection to continuously assess payment behaviors, device posture, session activity, and user identity signals. Key architectural innovations include a lightweight multi-layer mesh of edge nodes that process encrypted telemetry in real time, enabling sub-second threat scoring without compromising user privacy. The system leverages a continuous learning loop across geographies and wallets, combining supervised and unsupervised GenAI models to adapt to emerging threat signatures, with an explanation layer to support regulatory reviews and real-time dispute resolution. In simulations and a pilot deployment, the mesh achieved an ≈25% relative uplift in true-positive detection versus a strong gradient-boosted baseline (93.1% vs. 74.5% TPR) and ≈30% lower median inference latency (126 ms vs. 180 ms), while keeping FPR ≤ 2%. These results position GenAI-based cybersecurity meshes as a foundational capability for securing next-generation payment infrastructures.
References
[1] Goodfellow, I., Bengio, Y., & Courville, A. (2016). Deep Learning. MIT Press.
[2] Doshi-Velez, F., & Kim, B. (2017). Towards a rigorous science of interpretable machine learning. arXiv:1702.08608.
[3] McMahan, H. B., et al. (2017). Communication-efficient learning of deep networks from decentralized data. AISTATS.
[4] Shapley, L. S. (1953). A value for n-person games. In Contributions to the Theory of Games.
[5] European Commission (2021). Proposal for a Regulation on Artificial Intelligence (AI Act). (Status: political
agreement Dec 2023; committees approved Feb 13 2024; Council endorsed Feb 21 2024.) Artificial Intelligence Act
[6] NIST (2023). AI Risk Management Framework (AI RMF 1.0).
[7] ISO/IEC 42001:2023. Information technology — Artificial intelligence — Management system. (Published Dec 2023). ISO
[8] GDPR. Regulation (EU) 2016/679 — Article 22 (Automated decision-making).
[9] PCI Security Standards Council. PCI DSS v4.0 Implementation Timeline. (v3.2.1 retires Mar 31 2024; many future-dated reqs effective Mar 31 2025). BDO
[10] FIDO Alliance (2022). FIDO2 Technical Overview.
[11] W3C. WebAuthn Level 2.
[12] IEEE-CIS Fraud Detection. Kaggle Competition (2019). https://www.kaggle.com/competitions/ieee-frauddetection. Kaggle
[13] López-Rojas, E., & Axelsson, S. (2016/2017). PaySim: A Financial Mobile Money Simulator for Fraud Detection.
(paper) and repository: https://github.com/EdgarLopezPhD/PaySim. MSC-LESGitHub
[14] Open Policy Agent. https://www.openpolicyagent.org
[15] MITRE ATT&CK® for Enterprise.
[16] NVIDIA Triton Inference Server. Product documentation.
