PAST (Platform-Agnostic Security Tokens) is a specification and reference implementation for secure stateless tokens.

Unlike JSON Web Tokens (JWT), which gives developers more than enough rope with which to hang themselves, PAST only allows secure operations. JWT gives you “algorithm agility”, PAST gives you “versioned protocols”. It’s incredibly unlikely that you’ll be able to use PAST in an insecure way.

source: L