Check this article: devnet.kentico.com/.../payment-gateways-and-csrf-protection
Update (16.1.2018)! This workaround is no longer available in Kentico 11 and higher and API checking for this item was removed. Workaround was added due to issues with protection and payment gateways only and they have been rewritten during v11 e-commerce rebuild.
The recommended approach is to create a handler that processes the request outside of the rendered (aspx) page itself.