Reads the payload half of payloadB64url.signatureB64url. The signature is NOT verified here — the browser has no key. Tampering is caught server-side when completePayment verifies the full token.
payloadB64url.signatureB64url
Reads the payload half of
payloadB64url.signatureB64url. The signature is NOT verified here — the browser has no key. Tampering is caught server-side when completePayment verifies the full token.