Skip links

  • Skip to primary navigation
  • Skip to content
  • Skip to footer
OWASP OWASP BLADE: Business Logic Attack Definition Framework BLADE
  • Matrix
  • Phases
  • Tactics
  • Techniques
  • Kill Chains
  • Resources
  • Contribute
    1. Home
      2. >
    2. Tactics
      3. >
    3. Payment Detail Abuse

    Payment Detail Abuse

    ID: TAC-19
    Phase: Attack Execution

    The adversary uses stolen or cracked payment credentials (such as credit card details or loyalty points), to make a purchase without the consent of the owner of those payment details.

    Techniques

    • Credit/Debit Card Abuse
    • Gift Card Abuse
    • Loyalty Points Abuse
    • Buy Now Pay Later Abuse

    Related Kill Chains

    • Carding Bot
    • Gift Card Cracking Bot
    • Loyalty Points Bot

    Updated: June 19, 2025

    OWASP BLADE: Business Logic Attack Definition Framework
    © 2025 OWASP BLADE: Business Logic Attack Definition Framework.
    • GitHub

    Cookie Policy

    This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see our Privacy Policy.

    If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference not to be tracked.