How to verify if the response received in success page is real and authentic?

I use hosted pay page scheme (with Get approved response). First I create an order_id and associate it with the session id of the user, I save this association on the server. I set an Url address for approved response. The address relates to a ASP page. In this asp, first I retrieve the session Id of the user ( because without it he cannot access to the site.) Then I create a Url containing this session id and some transaction related values that have been received from Moneris server such as response_order_id, banc_transaction_id. Now there is a risk here. Considering before paying the amount on the Moneris site, a fake request is made toward the success page. Creating such a request is not too hard because order_id can be stolen on its rout to the server and for other values (like banc_transaction) the receiver (success page) has no means to verify its authenticity. Is there any way to check if the values received on the success page are really correspond the payment under process?