Best Practices Advice...

I have currently have two rails apps. One is the Card_Server which
stores all the credit cards, and the other is the main rails app.I am
starting to build the billing section of the application which will
handle charging credit cards, editing invoices, and things of the
admin nature for the entire site. Should I place this billing/invoice/
admin application into my rails app and use role based authentication
or would it be more secure or a better idea to have my billing section
as stand alone 3rd rails application?

Thanks!