Two web sites, how to communicate more secure?

For example, I have a website, the URL is aaa.com
purchased the product on this website and generated an order.
But when paying, must jump to my original payment center (domain name bbb.com) up to pay!!
So, how is it safe to communicate?
I think of the URL between the jump, and then the parameter encryption, or with Auth? or a service?

Reply content:

For example, I have a website, the URL is aaa.com
purchased the product on this website and generated an order.
But when paying, must jump to my original payment center (domain name bbb.com) up to pay!!
So, how is it safe to communicate?
I think of the URL between the jump, and then the parameter encryption, or with Auth? or a service?

Many scenarios.

1. Signature Sign
The two parties agreed to the secret key, URL parameters according to a certain rule signature, B-point verification signature can be

// 双方约定的密钥$security_key = 'xxxxxx';// A点生成签名和URL$url = array();$url['order_id'] = '订单编号';$url['other_params'] = '其他参数';// 排序ksort($url);// 生成签名$url['sign'] = md5($security_key.urldecode(http_build_query($url)));// 生成URL$url = 'http://b.com/pay.php?'.http_build_query($url);// 走去支付Header("Location: {$url}");

2. pretreatment Prepare
A point to generate orders, a server Curl Access B server Delivery order information (server and server communication, security can verify the server IP), return token, and then a point to jump tohttp://b.com/pay.php?token={B点返回的Token值}

A lot of plans to see what they fit

According to the meaning of the topic, a server and B server is relatively independent of the two systems, unified session management This idea has been sealed dead, right.

If you have two separate servers, you can refer to the "Payment gateway" method (various callbacks, and so on). Various encryption, various HTTPS.
You can also share a data center.

