How RankShieldFinancial works.RankShield Financial is a verifiable, pre-settlement payment security platform. It works by signing each payment intent, verifying the approving human or authorized AI agent, sealing a released, held, or denied verdict, and anchoring it to a tamper-evident record — all before funds settle on an irreversible rail.
Sign
The payment intent is reduced to a canonical record and signed with post-quantum ML-DSA-65.
Verify
Signature, identity, liveness and agent authority are checked against the granted mandate.
Seal
A release or hold decision is produced with a signed, independently verifiable attestation.
Anchor
The decision is sealed to a tamper-evident record on the RankShield Network — before settlement.
What is the sign → verify → seal → anchor flow?
RankShield works as a four-stage pipeline that runs before a payment reaches an irreversible rail. Reading left to right, an action in coral resolves into a verified state in teal: the payment is signed, verified against the approving identity and agent authority, sealed into a released, held, or denied verdict, and anchored to a tamper-evident record. The point of the pipeline is that the outcome is provable, not merely asserted.
Sign
The payment intent is reduced to a canonical record and signed with post-quantum ML-DSA-65.
Verify
Signature, identity, liveness and agent authority are checked against the granted mandate.
Seal
A release or hold decision is produced with a signed, independently verifiable attestation.
Anchor
The decision is sealed to a tamper-evident record on the RankShield Network — before settlement.
How is a payment signed?
RankShield reduces each payment to a canonical intent — a fixed-order record of the rail, payer, payee, amount, and purpose — and signs it with composite ML-DSA-65, the NIST FIPS 204 post-quantum signature, hybridized with a classical signature. The signature covers all of those fields at once, so it binds this specific payment rather than a payment in general. Change the amount or the payee and the digest changes, so the seal no longer verifies. Signing keys live in an HSM and never leave hardware, and account references are HMAC-keyed and de-identified before they are recorded, so what is signed is a precise, tamper-evident description of the payment without exposing the underlying account numbers. This is the moment the payment becomes checkable.
What gets verified before a payment is released?
Verification is where RankShield decides whether the signed intent should proceed. It checks several things against the granted mandate, and any failure moves the payment toward a hold rather than a release.
Signature and identity
The ML-DSA-65 signature is checked and matched to the approving identity, confirming this exact intent was signed by the party entitled to approve it.
Agent authority
If an AI agent initiated the payment, RankShield checks the intent against the agent’s signed constitution — per-transaction and aggregate limits, allowed counterparties and purposes, expiry — and its dead-man’s-switch heartbeat.
Liveness, where relevant
Where a liveness challenge applies, a detector verdict must be cryptographically signed by an enrolled identity and bound to the specific intent, so a replayed challenge is treated as synthetic.
How does verification treat a human versus an AI agent?
Verification treats both a human and an authorized AI agent as signers, but it holds an agent to an explicit, signed mandate rather than an assumption. For a human-approved payment, RankShield confirms the ML-DSA-65 signature matches the identity entitled to approve it, and — where a bank enrolls it — that a live person is present through a signed liveness challenge inside the app’s own verified channel. For an agent-approved payment, RankShield checks the intent against the agent’s constitution: maximum per-transaction value, maximum rolling aggregate over a window, allowed counterparties, allowed purposes, and an expiry. It also checks a dead-man’s-switch heartbeat, so a silent or hijacked agent has its payments refused rather than released. Either way, an approval that stays inside its granted authority moves toward release; one that exceeds any bound moves toward a hold or a denial, with the reason recorded. The verdict model is identical; what differs is the mandate each principal is measured against.
How is the verdict sealed?
Once the checks run, RankShield produces exactly one verdict — released, held, or denied — together with a signed, independently verifiable attestation of why it was reached. Released means the signed intent, the approving identity, and any agent authority all checked out, so the payment may settle. Held means a check is missing or ambiguous, so the payment is paused for review rather than settled — and, crucially, remains recoverable. Denied means the intent violated an explicit rule and should not proceed. The seal is not a probability score; it is a decision bound to the exact payer, payee, amount, and purpose, so the reason can be audited later rather than reconstructed from a black box. Releasing a payment requires an M-of-N quorum, so no single key can approve one on its own.
What does it mean to anchor the decision?
Anchoring writes the sealed verdict and its attestation to a tamper-evident record on the RankShield Network, before settlement, so the decision cannot be quietly changed after the fact. What is anchored is the signed decision — not your customers’ account numbers. Account references are HMAC-keyed and de-identified under a secret pepper and stored as nonce-bound commitments, so the same account looks different on every transaction and the ledger holds commitments rather than PII. That makes the record independently checkable without turning it into a honeypot: an observer sees that a decision was made and can verify its integrity, but cannot read the underlying accounts. Because the anchor precedes settlement, the tamper-evident record is what existed at the moment of the decision — evidence that produces evidence to support compliance, not a claim reconstructed afterward.
Why does every step run before settlement?
Every step runs before settlement because that is the only moment the decision can still change the outcome. On instant and tokenized rails — RTP, FedNow, stablecoins, on-chain — a released payment settles with finality in seconds, and there is no chargeback, reversal, or clawback to recover it. A check that fires after settlement can document that fraud happened; it cannot stop it. So RankShield resolves the entire sign, verify, seal, anchor pipeline before the payment is released to the rail. A payment that fails any check is held before finality rather than chased afterward, which is the difference between preventing an irreversible loss and reconstructing one. It also matches where regulation is heading: Nacha expanded its fraud-monitoring rules in a 2026 phase to push detection earlier, toward pre-settlement, which is exactly where this pipeline sits.
A payment that settles before anyone can review it
On an instant rail, a payment initiated by a coached victim or a hijacked agent settles in seconds. A fraud tool that scores it after authorization only learns the money is already gone.
What happens after a released payment settles?
After a released payment settles, the pipeline does not simply forget it. An enrolled settlement oracle returns a signed receipt for what actually settled, and RankShield reconciles that receipt against the attested intent. The comparison resolves to one of three states: settled_as_attested, when the receipt matches the released intent; divergence, when the settled amount or details changed after release; or unauthorized_settlement, when a payment settled with no matching attestation at all. Because the receipt is signed by an enrolled identity, the reconciliation is itself verifiable rather than a trust-me report. This catches a rail that was bypassed and an amount that changed after the verdict, so the pipeline is a two-sided check: a gate before settlement and a reconciliation after it. The anchored verdict and the settlement receipt together describe both what was authorized and what happened.
Can I verify it myself?
Yes — that is the point. The verifier reduces a payment intent to the same canonical record the platform uses and hashes it with SHA-256 in your own browser. Sign and attest the intent, then change any field and verify: the digest shifts and the match fails, exactly as it would hold a real payment whose fields were altered. Nothing here is animated or faked — you are running the check yourself.
What does RankShield Financial not do?
Being precise about the boundary is part of the honesty. RankShield sits in the authorization path and produces evidence — it does not become your money-movement or compliance layer.
Not a wallet or custodian
RankShield never takes custody of funds. It holds no balances and moves no money — it returns a released, held, or denied verdict that your systems enforce.
Not a payment processor
It does not replace your bank, processor, or settlement system. Your existing rails move the money; RankShield proves the payment was meant to happen.
Not a compliance guarantee
It produces evidence to support compliance — signed attestations and reconciliation records — rather than making you compliant or promising any specific outcome.
How RankShield Financial works — questions, answered.
How does RankShield Financial work, in one paragraph?
What are the four steps: sign, verify, seal, anchor?
Can I verify it myself?
What does RankShield Financial not do?
What is anchored, exactly?
Is the signing quantum-safe?
Where does verification happen — before or after the money moves?
What happens after a payment settles?
See your payments verified before they settle.
RankShield Financial is rolling out with design partners on instant and tokenized rails. Request access and we’ll map it to your settlement flow.