At present, in the related art, terminals using a non-contact card reading method are based on protocols such as ISO14443 and ISO15693 for data transmission. Taking the card reading process between the card reader and the smart card as an example, based on the above protocol, during the card reading process of the card reader and the smart card, after the card reader transmits the command data, there will be a frame waiting time (FWT), indicating the maximum time range that the card reader is permitted to wait to receive the smart card response data. That is to say, after the card reader transmits an instruction to the smart card, the card reader waits to receive the response data of the smart card. As long as the data is returned within the frame waiting time (FWT), the card reader will receive it.
Regarding the existing smart card communication protocol, the following problems may exist: for the card reading process, as illustrated in FIG. 1, the merchant card reader transmits the data to the user smart card under normal circumstances, and the user smart card begins to respond and process the data after receiving the data (the time to process the data is t1). After the processing is finished, the response data is immediately transmitted to the merchant card reader, ignoring a tiny time on the line transmission (the order of magnitude of the tiny time is small, and ignoring the tiny time makes it easy to simplify calculations). Therefore, the time required for the merchant card reader from finishing transmitting data to receiving the data fed back by the user smart card is T1=t1. If there is a hacker to perform a man-in-the-middle attack, as illustrated in FIG. 2, the man-in-middle smart card hijacks the request data of the merchant card reader, and forwards the data transmitted by the merchant card reader to the man-in-middle card reader. The man-in-middle card reader may tamper with the request data and transmit the tampered data to the user smart card (the time period from the man-in-middle smart card hijacking the request data of the merchant card reader to the man-in-middle card reader transmitting the tampered data to the user card reader is tw1). After receiving the tampered data, the user card reader processes the data (the time to process the data is t1), and transmit the processed data to the man-in-middle card reader. The man-in-middle card reader may tamper with the processed data returned by the user smart card, and transmit the tampered data to the merchant card reader through the man-in-middle smart card (the time period from the man-in-middle card reader receiving the processed data returned by the user smart card to the man-in-middle card reader transmitting the tampered data to the merchant card reader through the man-in-middle smart card is tw2). Then, the time period required by the merchant card reader from finishing transmitting the data to receiving the data fed back by the user smart card is T2=t1+tw1+tw2.
According to the existing smart card communication protocol, as long as T2<FWT, the merchant card reader will receive the data transmitted by the man-in-middle smart card and perform subsequent operations (e.g. transaction process), such that there is a danger that the man-in-middle hijacks the data while the merchant card reader does not know it, resulting in the economic loss of the merchant.