>
> I see how BIP 70 verifies the payment request, however, is there any way
> to verify that the transaction signed by the wallet matches the request
> before it is sent to the blockchain (and how can this support out of band
> verification)?
>

No. It cannot be done in the Bitcoin context. Your wallet MUST be secure.
Otherwise BIP70 is irrelevant - if the attacker can make your wallet sign
some other transaction than what you expect, they can also just steal your
private keys and use them directly. BIP70 is based on the assumption of a
secure signing core that cannot  be compromised, with devices like the
TREZOR and 2-factor pairings of desktops and mobiles being an obvious use
case.