It's not secure unless you encrypt the information that you're going to send and send it over HTTPS rather than HTTP. But this still doesn't prevent some smart jack-ass to hijack the info, but at least it's still more secure than using simple HTTP request