[eluser]CI&AI[/eluser]
I would personally choose hidden with encrytion hash - userguide has a nice explanation about hashing a message. Thus leaving no leech data for unwanted seeers.
We are using it to, to transfer to payment modules so that the user only has to press information is correct and pay...
But I don't know if our method is best practise