diff --git a/lib/libelectronic-id b/lib/libelectronic-id
index e7490d08..2288a02f 160000
--- a/lib/libelectronic-id
+++ b/lib/libelectronic-id
@@ -1 +1 @@
-Subproject commit e7490d08ad8ec62c447cafa79684bd6c033dfb97
+Subproject commit 2288a02fbdf0400c420598431f592c2db2f58220
diff --git a/src/controller/command-handlers/authenticate.hpp b/src/controller/command-handlers/authenticate.hpp
index c40e0c1d..0b70c049 100644
--- a/src/controller/command-handlers/authenticate.hpp
+++ b/src/controller/command-handlers/authenticate.hpp
@@ -35,10 +35,6 @@ class Authenticate : public CertificateReader
     QVariantMap onConfirm(WebEidUI* window,
                           const EidCertificateAndPinInfo& certAndPinInfo) override;
 
-signals:
-    void verifyPinFailed(const electronic_id::VerifyPinFailed::Status status,
-                         const qint8 retriesLeft);
-
 private:
     QString challengeNonce;
 };
diff --git a/src/controller/command-handlers/sign.hpp b/src/controller/command-handlers/sign.hpp
index 4058908d..d1348fa6 100644
--- a/src/controller/command-handlers/sign.hpp
+++ b/src/controller/command-handlers/sign.hpp
@@ -37,8 +37,6 @@ class Sign : public CertificateReader
 
 signals:
     void signingCertificateMismatch();
-    void verifyPinFailed(const electronic_id::VerifyPinFailed::Status status,
-                         const qint8 retriesLeft);
 
 private:
     void
diff --git a/src/controller/commandhandler.hpp b/src/controller/commandhandler.hpp
index 4a6136d0..841563ff 100644
--- a/src/controller/commandhandler.hpp
+++ b/src/controller/commandhandler.hpp
@@ -45,6 +45,7 @@ class CommandHandler : public QObject
     void multipleCertificatesReady(const QUrl& origin,
                                    const std::vector<EidCertificateAndPinInfo>& certAndPinInfos);
     void singleCertificateReady(const QUrl& origin, const EidCertificateAndPinInfo& certAndPinInfo);
+    void verifyPinFailed(electronic_id::VerifyPinFailed::Status status, qint8 retriesLeft);
 
 protected:
     CommandHandler(const CommandWithArguments& cmd) : command(cmd) {}
diff --git a/src/controller/controller.cpp b/src/controller/controller.cpp
index 570ac39d..cec6da75 100644
--- a/src/controller/controller.cpp
+++ b/src/controller/controller.cpp
@@ -160,25 +160,22 @@ void Controller::onCardsAvailable(
     }
 }
 
-void Controller::runCommandHandler(const std::vector<ElectronicID::ptr>& availableEids)
-{
-    try {
-        auto* commandHandlerRunThread =
-            new CommandHandlerRunThread(this, *commandHandler, availableEids);
-        connectRetry(commandHandlerRunThread);
-
-        // When the command handler run thread retrieves certificates successfully, call
-        // onCertificatesLoaded() that starts card event monitoring while user enters the PIN.
-        connect(commandHandler.get(), &CommandHandler::singleCertificateReady, this,
-                &Controller::onCertificatesLoaded);
-        connect(commandHandler.get(), &CommandHandler::multipleCertificatesReady, this,
-                &Controller::onCertificatesLoaded);
-
-        commandHandlerRunThread->start();
-
-    } catch (const std::exception& error) {
-        onCriticalFailure(error.what());
-    }
+void Controller::runCommandHandler(std::vector<ElectronicID::ptr> availableEids) noexcept
+try {
+    auto* commandHandlerRunThread =
+        new CommandHandlerRunThread(this, *commandHandler, std::move(availableEids));
+    connectRetry(commandHandlerRunThread);
+
+    // When the command handler run thread retrieves certificates successfully, call
+    // onCertificatesLoaded() that starts card event monitoring while user enters the PIN.
+    connect(commandHandler.get(), &CommandHandler::singleCertificateReady, this,
+            &Controller::onCertificatesLoaded);
+    connect(commandHandler.get(), &CommandHandler::multipleCertificatesReady, this,
+            &Controller::onCertificatesLoaded);
+
+    commandHandlerRunThread->start();
+} catch (const std::exception& error) {
+    onCriticalFailure(error.what());
 }
 
 void Controller::onCertificatesLoaded()
@@ -202,22 +199,22 @@ void Controller::disposeUI()
     }
 }
 
-void Controller::onConfirmCommandHandler(const EidCertificateAndPinInfo& certAndPinInfo)
-{
+void Controller::onConfirmCommandHandler(const EidCertificateAndPinInfo& certAndPinInfo) noexcept
+try {
     emit stopCardEventMonitorThread();
 
-    try {
-        auto* commandHandlerConfirmThread =
-            new CommandHandlerConfirmThread(this, *commandHandler, window, certAndPinInfo);
-        connect(commandHandlerConfirmThread, &CommandHandlerConfirmThread::completed, this,
-                &Controller::onCommandHandlerConfirmCompleted);
-        connectRetry(commandHandlerConfirmThread);
+    auto* commandHandlerConfirmThread =
+        new CommandHandlerConfirmThread(this, *commandHandler, window, certAndPinInfo);
+    connect(commandHandlerConfirmThread, &CommandHandlerConfirmThread::completed, this,
+            &Controller::onCommandHandlerConfirmCompleted);
+    connectRetry(commandHandlerConfirmThread);
+    connect(commandHandler.get(), &CommandHandler::verifyPinFailed, this,
+            &Controller::onCertificatesLoaded);
 
-        commandHandlerConfirmThread->start();
+    commandHandlerConfirmThread->start();
 
-    } catch (const std::exception& error) {
-        onCriticalFailure(error.what());
-    }
+} catch (const std::exception& error) {
+    onCriticalFailure(error.what());
 }
 
 void Controller::onCommandHandlerConfirmCompleted(const QVariantMap& res)
@@ -258,7 +255,7 @@ void Controller::onRetry()
     }
 }
 
-void Controller::connectRetry(const ControllerChildThread* childThread)
+void Controller::connectRetry(const ControllerChildThread* childThread) const
 {
     REQUIRE_NON_NULL(childThread)
     connect(childThread, &ControllerChildThread::failure, this, &Controller::onCriticalFailure);
diff --git a/src/controller/controller.hpp b/src/controller/controller.hpp
index e3009168..7bffe67c 100644
--- a/src/controller/controller.hpp
+++ b/src/controller/controller.hpp
@@ -52,7 +52,7 @@ class Controller : public QObject
     void onCertificatesLoaded();
 
     // Called either directly from onDialogOK().
-    void onConfirmCommandHandler(const EidCertificateAndPinInfo& certAndPinInfo);
+    void onConfirmCommandHandler(const EidCertificateAndPinInfo& certAndPinInfo) noexcept;
 
     // Called from CommandHandlerConfirm thread.
     void onCommandHandlerConfirmCompleted(const QVariantMap& result);
@@ -69,8 +69,8 @@ class Controller : public QObject
 
 private:
     void startCommandExecution();
-    void runCommandHandler(const std::vector<electronic_id::ElectronicID::ptr>& availableEids);
-    void connectRetry(const ControllerChildThread* childThread);
+    void runCommandHandler(std::vector<electronic_id::ElectronicID::ptr> availableEids) noexcept;
+    void connectRetry(const ControllerChildThread* childThread) const;
     void createWindow();
     void disposeUI();
     void exit();
diff --git a/src/controller/threads/commandhandlerrunthread.hpp b/src/controller/threads/commandhandlerrunthread.hpp
index 463ea62a..dd552956 100644
--- a/src/controller/threads/commandhandlerrunthread.hpp
+++ b/src/controller/threads/commandhandlerrunthread.hpp
@@ -30,8 +30,9 @@ class CommandHandlerRunThread : public ControllerChildThread
 
 public:
     CommandHandlerRunThread(QObject* parent, CommandHandler& handler,
-                            const std::vector<electronic_id::ElectronicID::ptr>& eids) :
-        ControllerChildThread(handler.commandType(), parent), commandHandler(handler), eids(eids)
+                            std::vector<electronic_id::ElectronicID::ptr> eids) noexcept :
+        ControllerChildThread(handler.commandType(), parent), commandHandler(handler),
+        eids(std::move(eids))
     {
         // Connect retry signal to retry signal to pass it up from the command handler.
         connect(&commandHandler, &CommandHandler::retry, this, &ControllerChildThread::retry);
diff --git a/src/ui/webeiddialog.cpp b/src/ui/webeiddialog.cpp
index 4f381ed8..d60e61d8 100644
--- a/src/ui/webeiddialog.cpp
+++ b/src/ui/webeiddialog.cpp
@@ -171,7 +171,8 @@ WebEidDialog::WebEidDialog(QWidget* parent) : WebEidUI(parent), ui(new Private)
                 if (auto* button =
                         qobject_cast<CertificateButton*>(ui->selectionGroup->checkedButton())) {
                     ui->lockedWarning->setHidden(button->certificateInfo().cardActive);
-                    ui->okButton->setEnabled(currentCommand == CommandType::AUTHENTICATE || button->certificateInfo().cardActive);
+                    ui->okButton->setEnabled(currentCommand == CommandType::AUTHENTICATE
+                                             || button->certificateInfo().cardActive);
                 }
                 ui->okButton->setFocus();
             });
@@ -666,7 +667,8 @@ void WebEidDialog::setupPinPadProgressBarAndEmitWait(const EidCertificateAndPinI
 void WebEidDialog::setupPinInput(const EidCertificateAndPinInfo& certAndPinInfo)
 {
     ui->lockedWarning->setHidden(certAndPinInfo.cardActive);
-    setupPinPrompt(certAndPinInfo.pinInfo, currentCommand == CommandType::AUTHENTICATE || certAndPinInfo.cardActive);
+    setupPinPrompt(certAndPinInfo.pinInfo,
+                   currentCommand == CommandType::AUTHENTICATE || certAndPinInfo.cardActive);
     // The allowed character ranges are from the SafeNet eToken guide:
     // 1. English uppercase letters (ASCII 0x41...0x5A).
     // 2. English lowercase letters (ASCII 0x61...0x7A).