diff --git a/ear.go b/ear.go
index 583250a..56bbe63 100644
--- a/ear.go
+++ b/ear.go
@@ -1,4 +1,4 @@
-// Copyright 2022-2023 Contributors to the Veraison project.
+// Copyright 2022-2026 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 
 package ear
@@ -211,7 +211,11 @@ func (o *AttestationResult) Verify(data []byte, alg jwa.KeyAlgorithm, key interf
 iat, _ := token.IssuedAt()
 claims["iat"] = iat.Unix()
 
-return o.populateFromMap(claims)
+if err := o.populateFromMap(claims); err != nil {
+return err
+}
+
+return o.validate()
 }
 
 // Sign validates the AttestationResult object, encodes it to JSON and wraps it
diff --git a/ear_test.go b/ear_test.go
index 7655176..d03f18e 100644
--- a/ear_test.go
+++ b/ear_test.go
@@ -1,4 +1,4 @@
-// Copyright 2022 Contributors to the Veraison project.
+// Copyright 2022-2026 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 
 package ear
@@ -217,6 +217,11 @@ func TestVerify_fail(t *testing.T) {
 token: `eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.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.LunlKAnUiVHZxIUr7jNnrwFlRtd7t6f6W1rzIFgcWFLdtJELKIVGkPVV5PriHh8T0uLLIEJafwvi6hmIr27aDw.trailing-rubbish`,
 expected: `failed to parse token: unknown payload type (payload is not JWT?)`,
 },
+{
+// JWT with invalid profile
+token: `eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.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.fVRX_2DYOnAUo_UjsIC6MNmj3To7PPreiG3TUKAvxik3mSfs3_H-a0CdiY_cwYo3reqE2GTTdqNq9yAine0h4w`,
+expected: `invalid value(s) for eat_profile (invalid-profile)`,
+},
 }
 
 k, err := jwk.ParseKey([]byte(testECDSAPublicKey))
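Review bot: Verify's contract becomes stricter at the new tail of the function — a correctly signed token whose decoded claims fail `o.validate()` is now rejected — and the doc comment above the hunk should say so if it does not already, since callers that presumably relied on getting a populated object back will now see a validation error instead. Suggest a comment along the lines of `// Verify checks the signature of the JWT in data with the given algorithm and key, decodes its claims into o and then validates them, returning an error if any step fails.` The ordering is the right one from a defensive standpoint: claim contents are only examined after the signature has been checked, and it mirrors Sign, whose comment below the hunk says it validates before signing. Verify's signature and the start of its body are outside the hunk.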
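Review bot: The new table entry pins only the validate() error text for a token whose eat_profile is `invalid-profile`, so it does not demonstrate that signature verification still runs before claim validation; a companion case with the same payload but a broken signature, expected to fail with the signature error rather than the profile error, would pin that ordering. The bare `// JWT with invalid profile` comment could also describe what the opaque token bytes encode, e.g. `// correctly signed JWT whose eat_profile claim is not a recognised value`, since the expected error can only be reached once the signature has verified. Asserting the exact wording couples the test to validate's message, which is consistent with the neighbouring cases. TestVerify_fail continues outside the hunk.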