php - What's the most reliable way to store user data when a user is temporarily redirected to another site? -

i integrating payment gateway(securepay) website i'm building , when customer clicks checkout button redirected secure securepay page can enter credit card details , automatically redirected website post data can generate invoice etc. though it's limited data, whether it's approved or not, total amount, surcharges. etc no addresses or similar, there's no option parse in cold holder data that.

so thinking store card holder data in session variable, i'm worried if ever reason session somehow destroyed or times out customer entering card details.

is better use cookies store data?

i store in sql don't want store bunch of data don't need, , data security requirements suggest not keep card holder data don't need anyway. delete db entries invoice generated seems a bit of unnecessary work.

i have read few posts this, seem use sessions or store in sql, best option though?