diff --git a/lib/webauthn/public_key_credential_with_attestation.rb b/lib/webauthn/public_key_credential_with_attestation.rb index 49b9ba8d..b723a0bd 100644 --- a/lib/webauthn/public_key_credential_with_attestation.rb +++ b/lib/webauthn/public_key_credential_with_attestation.rb @@ -5,11 +5,15 @@ module WebAuthn class PublicKeyCredentialWithAttestation < PublicKeyCredential + class InvalidChallengeError < Error; end + def self.response_class WebAuthn::AuthenticatorAttestationResponse end def verify(challenge, user_verification: nil) + challenge.is_a?(String) || raise(InvalidChallengeError, "challenge must be a String. input challenge class: #{challenge.class}") + super response.verify(encoder.decode(challenge), user_verification: user_verification) diff --git a/spec/webauthn/public_key_credential_with_attestation_spec.rb b/spec/webauthn/public_key_credential_with_attestation_spec.rb index 7d692a94..be56c764 100644 --- a/spec/webauthn/public_key_credential_with_attestation_spec.rb +++ b/spec/webauthn/public_key_credential_with_attestation_spec.rb @@ -87,7 +87,15 @@ end end - context "when challenge is invalid" do + context "when challenge class is invalid" do + it "raise error" do + expect { + public_key_credential.verify(nil) + }.to raise_error(WebAuthn::PublicKeyCredentialWithAttestation::InvalidChallengeError) + end + end + + context "when challenge value is invalid" do it "fails" do expect { public_key_credential.verify(Base64.urlsafe_encode64("another challenge"))
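Review bot: The new guard in `verify` rejects only non-String values, so an empty string still passes, is decoded, and is handed to `response.verify` as the expected challenge; if a relying party ends up with `""` for a missing or expired session challenge, the comparison would be against an empty expected value (how `response.verify` treats that is outside this hunk, so this is inferred). Consider rejecting blank challenges as well and writing the check as a guard clause: `raise InvalidChallengeError, "challenge must be a non-empty String. input challenge class: #{challenge.class}" unless challenge.is_a?(String) && !challenge.empty?`. Reporting only the class of the rejected value, never the value itself, is the right call and should be kept. The body of `verify` continues past the end of the hunk, and the sibling assertion credential class is not shown here, so whether it needs the same guard should be checked separately.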
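Review bot: The added example under "when challenge class is invalid" exercises only `nil`, so it would still pass if the guard were later narrowed to a nil check. A second example with a non-nil, non-String value would pin the class check, e.g. `expect { public_key_credential.verify(123) }.to raise_error(WebAuthn::PublicKeyCredentialWithAttestation::InvalidChallengeError)`. The description `it "raise error"` would also read better as `it "raises InvalidChallengeError"`, which names the contract being tested.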