diff --git a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/CoseSignatureServiceImpl.java b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/CoseSignatureServiceImpl.java
index 767ad5c7..a2b2e3a3 100644
--- a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/CoseSignatureServiceImpl.java
+++ b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/CoseSignatureServiceImpl.java
@@ -385,7 +385,12 @@ public String getKeyId(String kidPrepend, SignatureCertificate certificateRespon
 (requestDto.getUnprotectedHeader() != null && requestDto.getUnprotectedHeader().containsKey(SignatureConstant.COSE_HEADER_KID))) {
 String kidPrefix = kidPrepend;
 if (kidPrepend.equalsIgnoreCase(SignatureConstant.KEY_ID_PREFIX)) {
- kidPrefix = SignatureUtil.getIssuerFromPayload(requestDto.getPayload()).concat(SignatureConstant.KEY_ID_SEPARATOR);
+ String payload = Objects.isNull(requestDto.getPayload()) ? "" : requestDto.getPayload();
+ kidPrefix = SignatureUtil.getIssuerFromPayload(payload);
+ if (kidPrefix.isEmpty())
+ kidPrefix = SignatureConstant.BLANK;
+ else
+ kidPrefix = kidPrefix.concat(SignatureConstant.KEY_ID_SEPARATOR);
 }
 String keyId = SignatureUtil.convertHexToBase64(certificateResponse.getUniqueIdentifier());
 if (includeKeyId && Objects.nonNull(keyId)) {
diff --git a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/util/SignatureUtil.java b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/util/SignatureUtil.java
index aaf4872e..c31c6529 100644
--- a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/util/SignatureUtil.java
+++ b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/util/SignatureUtil.java
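Review bot: The issuer prefix written into the `kid` header is taken verbatim from the caller-supplied payload's `iss` claim, and the added branch only checks for an empty result — an `iss` that itself contains `KEY_ID_SEPARATOR` (or whitespace/control characters) is concatenated unchanged, so a verifier that splits `kid` on the separator to recover the issuer can be steered to the wrong key. I would reject such values before the concat, e.g. `if (kidPrefix.contains(SignatureConstant.KEY_ID_SEPARATOR)) throw …` using whatever exception type this method's callers already handle (not visible in the hunk), or at minimum add `// kidPrefix is caller-controlled: iss claim from the request payload` above the assignment. The `if (kidPrefix.isEmpty()) kidPrefix = SignatureConstant.BLANK;` arm appears to be a no-op (BLANK is presumably the empty string, given `getIssuerFromPayload` returns it for invalid input and the test here is `isEmpty()`), so the six lines reduce to `if (!kidPrefix.isEmpty()) { kidPrefix = kidPrefix.concat(SignatureConstant.KEY_ID_SEPARATOR); }` — and if the if/else stays, brace both arms. `Objects.isNull(x) ? "" : x` can be `Objects.requireNonNullElse(requestDto.getPayload(), "")`, since the module already uses switch expressions and so targets Java 14+. `getKeyId` starts before this hunk and continues after it.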
@@ -226,7 +226,13 @@ else return switch (referenceId) {
 public static String getIssuerFromPayload(String jsonPayload) {
 try {
- JsonNode jsonNode = mapper.readTree(jsonPayload);
+ if (!isDataValid(jsonPayload)) {
+ LOGGER.error(SignatureConstant.SESSIONID, SignatureConstant.JWT_SIGN, SignatureConstant.BLANK,
+ "Invalid JSON Payload Data Provided. Payload: " + jsonPayload);
+ return SignatureConstant.BLANK;
+ }
+ JsonNode jsonNode = mapper.readTree(new String(CryptoUtil.decodeURLSafeBase64(jsonPayload)));
 if (jsonNode.has(SignatureConstant.ISSUER)) {
 return jsonNode.get(SignatureConstant.ISSUER).asText();