Apple Pay v2 (signedTransactionInfo) : how to verify new token format and migrate from legacy EC_v1?

I’m updating a legacy application that used Apple Pay v1 token format, and in my new revamped version I’m now receiving the newer Apple Pay v2 format.

The old (v1) payload looked like this:

```json
{
  "version": "EC_v1",
  "data": "...",
  "signature": "...",
  "header": {
    "ephemeralPublicKey": "...",
    "publicKeyHash": "...",
    "transactionId": "..."
  }
}
```

In the new revamp (v2), Apple Pay returns this instead:

```json
{
  "signedTransactionInfo": "eyJhbGciOiJFUzI1NiIsIng1YyI6WyJNSUlF..."
}
```

From what I understand:

v1 tokens were elliptic-curve encrypted JSON objects containing a header and signature.

v2 tokens seem to be JWS (JSON Web Signature) strings using the ES256 algorithm, possibly containing transaction and subscription details inside.

Questions

Is there any official Apple documentation or migration note explaining the move from EC_v1 → signedTransactionInfo?

How should I verify or decode the new signedTransactionInfo payload?

Should the verification now use Apple’s public keys instead of the legacy Merchant ID certificate?

Are there any example implementations or SDKs that can handle both v1 and v2 formats during migration?

Is there a recommended way to maintain backward compatibility while transitioning existing users?

Goal

Ensure that my revamped app can handle Apple Pay v2 tokens securely while keeping the legacy v1 integration functional until all users are migrated.

Answered by DTS Engineer in 874670022

Hi @Sharjeel741,

Please see the following documentation for more information about the payment token format of Apple Pay:

Payment token format reference

https://developer.apple.com/documentation/passkit/payment-token-format-reference

This payload does not include a signedTransactionInfo key. However, there is one provided by the App Store Server API, App Store Server Notifications V2 and App Store Server Library for processing in-app purchases from StoreKit and external purchases.

If you have any questions about this App Store Server API family, please read the following technote:

TN3180: Reverting to App Store Server Notifications V1

https://developer.apple.com/documentation/technotes/tn3180-reverting-app-store-server-notifications-v1

If I'm mistaken, and you are using Apple Pay or Apple Pay on the web—including Payment Request API and Apple Pay JS API, please let me know.

Cheers,

Paris X Pinkney |  WWDR | DTS Engineer
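
A shape check that follows from the answer above, as an added example that is not part of the original thread or Apple's code: it routes a payload either to the Apple Pay payment token path or to the App Store JWS path. `classify_payload`, the helper names and the sample values are hypothetical and constructed; the JWS header is read unverified for routing only, and signature and certificate-chain verification stay with the verifier for that path (for App Store payloads, the App Store Server Library the answer names).

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode unpadded base64url, as used in JWS compact serialization."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(obj) -> str:
    """Helper used only to build the constructed sample below."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def classify_payload(payload: dict) -> dict:
    """Identify the payload family from its shape. Verifies nothing."""
    # Apple Pay payment token: the four top-level fields from the question.
    if {"version", "data", "signature", "header"} <= payload.keys():
        return {"source": "apple_pay_payment_token",
                "version": payload["version"]}
    # App Store Server API / Notifications V2: a compact JWS string.
    jws = payload.get("signedTransactionInfo")
    if not isinstance(jws, str):
        return {"source": "unknown"}
    parts = jws.split(".")
    if len(parts) != 3:
        return {"source": "malformed", "reason": "expected 3 JWS segments"}
    try:
        header = json.loads(b64url_decode(parts[0]))
    except ValueError:  # bad base64, bad UTF-8 or bad JSON
        return {"source": "malformed", "reason": "undecodable JWS header"}
    if not isinstance(header, dict):
        return {"source": "malformed", "reason": "JWS header is not an object"}
    x5c = header.get("x5c")
    # Header fields are unauthenticated here; use them for routing only.
    return {"source": "app_store_jws", "alg": header.get("alg"),
            "x5c_certs": len(x5c) if isinstance(x5c, list) else 0,
            "verified": False}


# Constructed samples, not real tokens.
SAMPLE_APPLE_PAY = {"version": "EC_v1", "data": "...", "signature": "...",
                    "header": {"ephemeralPublicKey": "...",
                               "publicKeyHash": "...", "transactionId": "..."}}
SAMPLE_APP_STORE = {"signedTransactionInfo": ".".join([
    b64url_encode({"alg": "ES256", "x5c": ["CONSTRUCTED-CERT"]}),
    b64url_encode({}), "Y29uc3RydWN0ZWQ"])}
```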
