https://doi.org/10.1051/epjconf/202532801066
Privacy-Preserving Federated Learning in Healthcare, E-Commerce, and Finance: A Taxonomy of Security Threats and Mitigation Strategies
1 Sir Padampat Singhania University, Udaipur, Rajasthan, India
2 Department of Electronic Engineering, National Kaohsiung University of Science and Technology, Taiwan
3 Department of Computer Science and Engineering, Amity School of Engineering and Technology, Amity University, Madhya Pradesh, Gwalior, India
4 Faculty of IT & CS (FITCS),Parul University, Vadodara, Gujarat, India
* Corresponding author: rahul.cse397@gmail.com
Published online: 18 June 2025
Federated Learning (FL) transformed decentralized machine learning by allowing joint model training without mutually sharing raw data, hence being especially useful in privacy-sensitive applications like healthcare, e-commerce, and finance. Even with its privacy-focused architecture, FL is vulnerable to a range of security attacks such as data poisoning, model inversion, membership inference attacks, and communication interception. These attacks compromise the confidentiality of patients in healthcare, consumer data privacy in e-commerce, and financial safety in banking, thus necessitating effective privacy-preserving mechanisms. This survey presents a classification of security threats in FL, grouping them by their source, effect, and attack mode. We review state-of-the-art countermeasures, such as differential privacy, secure multi-party computation, homomorphic encryption, and resilient aggregation methods, their effectiveness, trade-offs, and real-world applicability to FL. In medicine, FL enables joint disease diagnosis without compromising patient confidentiality; in online shopping, it provides personalized suggestions without revealing customer tastes; and in banking, it improves fraud detection without violating regulatory requirements. In addition, we discuss future horizons in privacy-preserving FL, including adversarial robustness, blockchain-protected models, and tailored FL architectures, improving security and resiliency in these domains. We also discuss the balancing problems between security, accuracy, and computational efficiency with possible trade-offs in scaling privacy-preserving FL By analyzing threats and mitigation strategies systematically, this paper will provide direction to future research on designing secure, scalable, and privacy-preserving FL frameworks for the changing healthcare, e-commerce, and finance needs.
© The Authors, published by EDP Sciences, 2025
This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
