Is business logic abuse a growing problem for APIs? [Q&A]

Tricking applications into altering their processes or surrendering information is a highly efficient way for attackers to carry out theft or fraud while minimizing the risk of detection. We asked Mohammad Ismail, VP of EMEA at Cequence Security, to explain how this business logic abuse is carried out and why it’s becoming a growing problem. BN: What is business logic abuse fraud and why are APIs in particular at risk? MI: Business logic abuse describes a technique that seeks to subvert the functionality of an application or API. Strictly speaking, it’s not an attack at all as it uses legitimate… [Continue Reading]