If the transaction is complete, the web application will "bounce" the surfer to a URL on the original shopping cart web server machine, to indicate the result: Approved, Denied, InvalidCard, or Insufficient Data.
This final page can be served quickly by the insecure HTTP protocol on the shopping cart web server.