I have this REST call that makes a payment through the URL, and I'm logged in with a username and password. http://www.somepaymentsite.com?userId=23423..&payment=34.. Without using https, how do I prevent of another user from using that same REST call to make payment? Thanks! Nick