You'll need to use the same PageStatePersister instance that the Page itself uses. Otherwise this check won't work reliably. For example, consider this instance method in your Page's code-behind:
private void CheckCsrfToken() {
var persister = this.PageStatePersister;
persister.Load();
if (persister.ViewState == null) {
throw new Exception("Validation failed.");
}
}
As long as Page.ViewStateUserKey is already set, the returned persister instance will have its modifier also set appropriately.