diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenSerializer.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenSerializer.cs
index 37f044b00a..98d0fa50e1 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenSerializer.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenSerializer.cs
@@ -38,11 +38,12 @@ namespace Microsoft.AspNet.Mvc
 Exception innerException = null;
 try
 {
- using (MemoryStream stream = new MemoryStream(UrlTokenDecode(serializedToken)))
+ var tokenBytes = UrlTokenDecode(serializedToken);
+ using (var stream = new MemoryStream(_cryptoSystem.Unprotect(tokenBytes)))
 {
- using (BinaryReader reader = new BinaryReader(stream))
+ using (var reader = new BinaryReader(stream))
 {
- AntiForgeryToken token = DeserializeImpl(reader);
+ var token = DeserializeImpl(reader);
 if (token != null)
 {
 return token;
@@ -64,7 +65,7 @@ namespace Microsoft.AspNet.Mvc
 * Version: 1 byte integer
 * SecurityToken: 16 byte binary blob
 * IsSessionToken: 1 byte Boolean
- * [if IsSessionToken = true]
+ * [if IsSessionToken != true]
 * +- IsClaimsBased: 1 byte Boolean
 * | [if IsClaimsBased = true]
 * | `- ClaimUid: 32 byte binary blob
diff --git a/src/Microsoft.AspNet.Mvc.Core/Filters/ValidateAntiForgeryTokenAttribute.cs b/src/Microsoft.AspNet.Mvc.Core/Filters/ValidateAntiForgeryTokenAttribute.cs
new file mode 100644
index 0000000000..4442a212b5
--- /dev/null
+++ b/src/Microsoft.AspNet.Mvc.Core/Filters/ValidateAntiForgeryTokenAttribute.cs
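Review bot: The decoded bytes go straight into `_cryptoSystem.Unprotect(tokenBytes)` with no null or empty check; if `UrlTokenDecode` returns null for malformed input (its System.Web namesake does, and its body is not in this hunk), the failure surfaces as an argument exception from the protector rather than as the deserialization failure this method tracks in `innerException`. A guard before the Unprotect call that treats a null decode result as a malformed token would keep every bad input on the same failure path as a tampered one. Separately, `tokenBytes` still holds the protected payload at that point, so `protectedBytes` would make the Unprotect step read more clearly. The try block and the method's catch and final return continue outside the hunk.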
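Review bot: `[if IsSessionToken != true]` is an unusual way to label a one-byte Boolean branch in the layout diagram, and the neighbouring `[if IsClaimsBased = true]` uses the positive form; `[if IsSessionToken = false]` keeps the two lines consistent. The comment block starts and ends outside the hunk.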
@@ -0,0 +1,34 @@
+// Copyright (c) Microsoft Open Technologies, Inc.
+// All Rights Reserved
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR
+// CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING
+// WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR CONDITIONS OF
+// TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR
+// NON-INFRINGEMENT.
+// See the Apache 2 License for the specific language governing
+// permissions and limitations under the License.
+
+using System;
+using Microsoft.Framework.DependencyInjection;
+
+namespace Microsoft.AspNet.Mvc
+{
+ [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
+ public class ValidateAntiForgeryTokenAttribute : Attribute, IFilterFactory, IOrderedFilter
+ {
+ public int Order { get; set; }
+
+ public IFilter CreateInstance(IServiceProvider serviceProvider)
+ {
+ var antiForgery = serviceProvider.GetService();
+ return new ValidateAntiForgeryTokenAuthorizationFilter(antiForgery);
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Mvc.Core/Filters/ValidateAntiForgeryTokenAuthorizationFilter.cs b/src/Microsoft.AspNet.Mvc.Core/Filters/ValidateAntiForgeryTokenAuthorizationFilter.cs
new file mode 100644
index 0000000000..f2b08b61a9
--- /dev/null
+++ b/src/Microsoft.AspNet.Mvc.Core/Filters/ValidateAntiForgeryTokenAuthorizationFilter.cs
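Review bot: `CreateInstance` returns `new ValidateAntiForgeryTokenAuthorizationFilter(antiForgery)` without checking what `serviceProvider.GetService()` returned; when the anti-forgery service is not registered, the null only surfaces from the filter's `[NotNull]` constructor, far from the attribute that asked for it. Resolving with `serviceProvider.GetRequiredService<AntiForgery>()`, if that extension exists in this version of Microsoft.Framework.DependencyInjection, fails fast with a message naming the missing service. The `GetService()` call as rendered carries no type argument, which looks like the generic argument was lost in rendering rather than in the commit — worth confirming against the file. The type is public and undocumented; a `<summary>` stating that it attaches anti-forgery validation as an authorization filter and which service it needs registered would help.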
@@ -0,0 +1,36 @@
+// Copyright (c) Microsoft Open Technologies, Inc.
+// All Rights Reserved
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR
+// CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING
+// WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR CONDITIONS OF
+// TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR
+// NON-INFRINGEMENT.
+// See the Apache 2 License for the specific language governing
+// permissions and limitations under the License.
+
+using System.Threading.Tasks;
+
+namespace Microsoft.AspNet.Mvc
+{
+ public class ValidateAntiForgeryTokenAuthorizationFilter : IAsyncAuthorizationFilter
+ {
+ private readonly AntiForgery _antiForgery;
+
+ public ValidateAntiForgeryTokenAuthorizationFilter([NotNull] AntiForgery antiForgery)
+ {
+ _antiForgery = antiForgery;
+ }
+
+ public async Task OnAuthorizationAsync([NotNull] AuthorizationContext context)
+ {
+ await _antiForgery.ValidateAsync(context.HttpContext);
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Mvc.Core/Microsoft.AspNet.Mvc.Core.kproj b/src/Microsoft.AspNet.Mvc.Core/Microsoft.AspNet.Mvc.Core.kproj
index c99bf0c57a..f01d713f0f 100644
--- a/src/Microsoft.AspNet.Mvc.Core/Microsoft.AspNet.Mvc.Core.kproj
+++ b/src/Microsoft.AspNet.Mvc.Core/Microsoft.AspNet.Mvc.Core.kproj
@@ -110,6 +110,8 @@ + +
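Review bot: `OnAuthorizationAsync` awaits `_antiForgery.ValidateAsync(context.HttpContext)` and never sets `context.Result`, so the only way a failed token check can stop the pipeline is an exception thrown by `ValidateAsync`, whose implementation is not in this diff; that contract is invisible to a reader of this class. If `ValidateAsync` instead reports failure through a return value, this filter passes every request through, which would be a real defect, so the behaviour should be confirmed and then stated on the method, e.g. `/// <summary>Validates the request's anti-forgery token; a failed validation is reported by the exception ValidateAsync throws, and the filter sets no Result.</summary>`. Nothing here restricts validation by HTTP verb, so the summary should also say that every request reaching an action the filter is applied to must carry a token. Consider marking the class `sealed` as well, since it is not designed for inheritance.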