diff --git a/lib/AccountManager/App/Step3.pm b/lib/AccountManager/App/Step3.pm
index 9130748348820217da9084b4049658a3128a2e0e..96977b98dc50977fb62dae182a520aae83250642 100644
--- a/lib/AccountManager/App/Step3.pm
+++ b/lib/AccountManager/App/Step3.pm
@@ -35,6 +35,16 @@ sub run {
     my $sp = $self->get_sp(entityid => $entityid);
     return if !$sp;
 
+    return $self->abort(
+        log_message  => "Missing parameter: email",
+        user_message => "missing_email"
+    ) if !$email;
+
+    return $self->abort(
+        log_message  => "Invalid parameter: email",
+        user_message => "invalid_email"
+    ) if $email !~ /^ [\w\-.+]+ @ [\w\-.+]+ $/x;
+
     # override metadata contacts if needed
     $self->mock_contacts($sp);