To prevent crimes after an entity such as sending a remittance to a transfer destination which is not intended by plagiarizing execution authority itself which has been once authenticated, like the "Trojan Horse".

There is disclosed an authentication system which uses a secondary device acceptance server provided among a subscriber terminal, a service operation server, a secondary device, and a service operation server. In the system, individual information of the secondary device (e.g., cellular phone) is registered in a service operation server, in advance. The service operation server executes key exchange for mutual authentication by multiple elements, and at least, immediately prior to a secondary server acceptance server executes service, after the confirmation of authentication in the service operation server; issues acceptance request to the secondary device; and further, receives acceptance (confirmation) message and feedbacks its confirmation message to complete final decision.