diff --git a/services/implementation/src/authentication/dm_auth_manager.cpp b/services/implementation/src/authentication/dm_auth_manager.cpp
index 307ee014fc26daf873ffc8ab8d29cf51509fbe57..e237a3678578b0d7485252b70826ec244ceb0fa1 100644
--- a/services/implementation/src/authentication/dm_auth_manager.cpp
+++ b/services/implementation/src/authentication/dm_auth_manager.cpp
@@ -2361,6 +2361,7 @@ void DmAuthManager::ResponseCredential()
 bool DmAuthManager::AuthDeviceTransmit(int64_t requestId, const uint8_t *data, uint32_t dataLen)
 {
     LOGI("DmAuthManager::onTransmit start.");
+    CHECK_NULL_RETURN(authResponseContext_, false);
     if (requestId != authResponseContext_->requestId) {
         LOGE("DmAuthManager::onTransmit requestId %{public}" PRId64"is error.", requestId);
         return false;
diff --git a/services/implementation/src/authentication_v2/auth_stages/auth_confirm.cpp b/services/implementation/src/authentication_v2/auth_stages/auth_confirm.cpp
index c5fe661fd07e3a2911b82511e90ca0e0b9e0b6f8..2e8a3b58059a67e68c3d6a38b2268d75c5a26470 100644
--- a/services/implementation/src/authentication_v2/auth_stages/auth_confirm.cpp
+++ b/services/implementation/src/authentication_v2/auth_stages/auth_confirm.cpp
@@ -197,8 +197,10 @@ void AuthSrcConfirmState::GetSrcCredType(std::shared_ptr<DmAuthContext> context,
     CHECK_NULL_VOID(context);
     std::vector<std::string> deleteCredInfo;
     for (const auto &item : credInfo.Items()) {
-        if (!item.Contains(FILED_CRED_TYPE) || !item[FILED_CRED_TYPE].IsNumberInteger() ||
-            !item.Contains(FILED_CRED_ID) || !item[FILED_CRED_ID].IsString()) {
+        if (!item.Contains(FILED_CRED_ID) || !item[FILED_CRED_ID].IsString()) {
+            continue;
+        }
+        if (!item.Contains(FILED_CRED_TYPE) || !item[FILED_CRED_TYPE].IsNumberInteger()) {
             deleteCredInfo.push_back(item[FILED_CRED_ID].Get<std::string>());
             DirectlyDeleteCredential(context, context->accesser.userId, item);
             continue;
@@ -553,10 +555,12 @@ void AuthSrcConfirmState::GetSrcCredentialInfo(std::shared_ptr<DmAuthContext> co
     }
     std::vector<std::string> deleteCredInfo;
     for (auto &item : credInfo.Items()) { // id1:json1, id2:json2, id3:json3
+        if (!item.Contains(FILED_CRED_ID) || !item[FILED_CRED_ID].IsString()) {
+            continue;
+        }
         uint32_t credType = DmAuthState::GetCredentialType(context, item);
         if (credType == DM_INVALIED_TYPE || !item.Contains(FILED_CRED_TYPE) ||
-            !item[FILED_CRED_TYPE].IsNumberInteger() || !item.Contains(FILED_CRED_ID) ||
-            !item[FILED_CRED_ID].IsString()) {
+            !item[FILED_CRED_TYPE].IsNumberInteger()) {
             deleteCredInfo.push_back(item[FILED_CRED_ID].Get<std::string>());
             continue;
         }
diff --git a/services/implementation/src/authentication_v2/auth_stages/auth_negotiate.cpp b/services/implementation/src/authentication_v2/auth_stages/auth_negotiate.cpp
index 853d616dc8d701543e683a78b91efb8a7c37764a..c674341998405dd3c00a5d20463389133a8212ff 100644
--- a/services/implementation/src/authentication_v2/auth_stages/auth_negotiate.cpp
+++ b/services/implementation/src/authentication_v2/auth_stages/auth_negotiate.cpp
@@ -303,8 +303,10 @@ void AuthSinkNegotiateStateMachine::GetSinkCredType(std::shared_ptr<DmAuthContex
     CHECK_NULL_VOID(context);
     std::vector<std::string> deleteCredInfo;
     for (const auto &item : credInfo.Items()) {
-        if (!item.Contains(FILED_CRED_TYPE) || !item[FILED_CRED_TYPE].IsNumberInteger() ||
-            !item.Contains(FILED_CRED_ID) || !item[FILED_CRED_ID].IsString()) {
+        if (!item.Contains(FILED_CRED_ID) || !item[FILED_CRED_ID].IsString()) {
+            continue;
+        }
+        if (!item.Contains(FILED_CRED_TYPE) || !item[FILED_CRED_TYPE].IsNumberInteger()) {
             deleteCredInfo.push_back(item[FILED_CRED_ID].Get<std::string>());
             DirectlyDeleteCredential(context, context->accessee.userId, item);
             continue;
@@ -378,8 +380,10 @@ void AuthSinkNegotiateStateMachine::GetSinkProxyCredTypeForP2P(std::shared_ptr<D
             credInfoJson.Parse(item->proxyAccessee.credInfoJson);
         }
         for (const auto &credItem : credInfoJson.Items()) {
-            if (!credItem.Contains(FILED_CRED_TYPE) || !credItem[FILED_CRED_TYPE].IsNumberInteger() ||
-                !credItem.Contains(FILED_CRED_ID) || !credItem[FILED_CRED_ID].IsString()) {
+            if (!credItem.Contains(FILED_CRED_ID) || !credItem[FILED_CRED_ID].IsString()) {
+                continue;
+            }
+            if (!credItem.Contains(FILED_CRED_TYPE) || !credItem[FILED_CRED_TYPE].IsNumberInteger()) {
                 deleteCredInfo.push_back(credItem[FILED_CRED_ID].Get<std::string>());
                 DirectlyDeleteCredential(context, context->accessee.userId, credItem);
                 continue;
@@ -661,10 +665,12 @@ void AuthSinkNegotiateStateMachine::GetSinkCredentialInfo(std::shared_ptr<DmAuth
     }
     std::vector<std::string> deleteCredInfo;
     for (auto& item : credInfo.Items()) { // id1:json1, id2:json2, id3:json3
+        if (!item.Contains(FILED_CRED_ID) || !item[FILED_CRED_ID].IsString()) {
+            continue;
+        }
         uint32_t credType = DmAuthState::GetCredentialType(context, item);
         if (credType == DM_INVALIED_TYPE || !item.Contains(FILED_CRED_TYPE) ||
-            !item[FILED_CRED_TYPE].IsNumberInteger() || !item.Contains(FILED_CRED_ID) ||
-            !item[FILED_CRED_ID].IsString()) {
+            !item[FILED_CRED_TYPE].IsNumberInteger()) {
             deleteCredInfo.push_back(item[FILED_CRED_ID].Get<std::string>());
             continue;
         }