Currently, if the Screen Pop APIs are being used in a Windows application (such as Byte or Encompass), a file has to be written to disk prior to the Marksman screen being screen popped. Because of this, credential and PII is being written to disk for a period of time. We need to find a more secure way of posting this data so this is not an issue.
Recommended solution is to have a URL that can be posted to with the post data for the screen pop. The response of the post is a unique ID that can be used to screen pop Marksman with the data posted. This unique ID should only be able to be screen popped once.
|Impact to Existing Customers||Multiple|