Payment-themed emails, changed bank details, supplier identity, urgent payment pressure, approval bypass language, authentication results, links, domains, and attachment metadata.
PayShield for invoice-heavy SMEs.
Let finance teams and AI agents inspect invoices, supplier updates, and bank-detail changes before money moves. Every scan returns a clear decision with evidence: safe to continue normal checks, verify out of band, or do not pay until independently confirmed.
Payment-risk decision support for real invoice and supplier-email evidence.
PayShield is the payment-scam workflow in the shared FastAPI detection platform. It helps SMEs review invoice fraud, supplier impersonation, bank-detail changes, and payment-risk signals before a payment is released.
Built by Meidie Fei as part of a security engineering portfolio focused on practical detection workflows and clear safety boundaries.
A payment decision of SAFE, VERIFY, or DO_NOT_PAY_UNTIL_VERIFIED with risk evidence, masked payment fields, and verification steps.
PayShield does not approve or release payments. It gives evidence and verification guidance so a human-controlled finance workflow can decide what happens next.
Invoice, bank-detail change, supplier portal notice, or executive payment request.
analyze_payment_email returns structured risk, evidence, and safety metadata.
Safe messages continue normal checks. Risky messages are held for out-of-band verification or paused until independently confirmed.
Public checks finance teams can share before money leaves the account.
These guides make PayShield easier to discover and give invoice-heavy SMEs a simple process for slowing down risky payment requests.
An AI accounts-payable agent called the firewall before release.
The recorded demo shows Gemini finding the local MCP server, calling analyze_payment_email, receiving a do-not-pay-until-confirmed result, and writing a short AP team note grounded in the tool output.
Not another phishing score
The product is framed around payment release. The output maps technical signals to the business action the finance team needs.
MCP, CLI, and JSON
The same contract works from terminal demos, MCP clients, and the public sample UI, so the wedge is easy to show without mailbox access.
Trust-safe rollout
The product supports real uploaded payment-email evidence. Demo samples are provided for safe onboarding, while customer uploads are session-bound, CSRF-protected, billed through Stripe Checkout, and covered by retention and deletion controls.