Rails - Paypal security Question

I'm trying to process a payment for 开发者_开发知识库a transaction. Currently I'm redirecting to a paypal url in a controller's method and passing in the variables in the url. Paypal seems to convert this to secure it - https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_flow&SESSION=lUAK-18U7c_uxbs0wYsKTqcO7tDjb9M4O2A0hqd4gsKhEyhlC0xCxFabBL8&dispatch=50a222a57771920b6a3d7b606239e4d529b525e0b7e69bf0224adecfb0124e9b61f737ba21b081983b975b35e10fe14fd9a7167ca5aec13b

Summary: User Form -> Controller Method -> Redirected to Paypal URL with variables

How secure is this? Can users access the url I'm redirecting to before Paypal converts it to a secure format? Do I need to implement the encryption recommended on this rails cast - http://asciicasts.com/episodes/143-paypal-security

I'm thinking I need to, but would rather not if it's not needed.

Thanks!

Not sure on your security question, but you may want to take a look at ActiveMerchant. It covers most types of Paypal payments, and is really easy to work with.