To provide a personal authentication system using an IC card, that system is able to executes a personal authentication without using any IC card reader provided by a personal computer.
This system comprises an AP(application) authentication process authenticating an AP server 40 by a client system 50, an AP server- authentication server authentication process authenticating mutually between the AP server 40 and an authentication server 30, an IC card - authentication server mutual authentication process authenticating mutually between the IC card 20 and the authentication server 30 through a telephone line by inserting the card to the IC 20 card reader 12, a disposable authentication key issue process issuing by the server 30 in the case of success of the mutual authentication between the card 20 and the server 30, a disposable authentication key informing process informing the issued disposable authentication key to a user through the telephone line of a mobile telephone 10, then the disposable key is used by the user as the personal authentication key for onetime transaction.